Oak9, Inc.


Oak9, Inc.

oak9 makes cloud security easy for developers, securing Azure and infrastructure as code (IaC)

What problem does oak9 solve?

oak9 is a SaaS product that continuously scans Infrastructure as Code (IaC) and cloud infrastructure, finding and fixing security and compliance issues before they go to production in the development lifecycle.
The rapid adoption of Infrastructure as Code (IaC) has increased both the speed and scale at which developers create new cloud infrastructure, but now teams are forced to choose between making deadlines and keeping applications secure. oak9 bridges this gap, making security easy for developers.
oak9 reduces risk and saves time by using tailored blueprints to ensure “always on" security and compliance.

Who is oak9 for?

oak9 is for:

    • Developers who need to write and maintain secure infrastructure as code, using languages like HashiCorp's Terraform.
    • Security Professionals who need to ensure security and compliance in cloud infrastructure and infrastructure as code.
    • DevOps engineers
    • Executives such as CISOs, VPs of Engineering, and anyone with an interest in maintaining overall security posture

How does oak9 work?

oak9 uses pre-written, customizable blueprints for a number of common security and compliance frameworks, such as:

    • NIST
    • ISO27001
    • HIPAA
    • PCI; and many others

oak9 then provides intelligent remediation, paired with our side-by-side code view, to show developers the recommended security changes. oak9 integrates into your environment in any number of ways:
    • Directly to code repositories (GitHub, Bitbucket)
    • As a step in CI/CD pipelines (Azure DevOps, GitHub Actions, Jenkins)
    • Via Cloud APIs (Azure/AWS) to continuously monitor you production cloud environment

oak9 connects seamlessly into your existing systems to provide workflow and ticketing as well as real-time notifications:
    • Azure Boards
    • Service Now
    • Jira
    • Teams
    • Slack