As opposed to on-prem tools, SecureCloudDB is a cloud-native solution designed to address cloud-specific issues.

Traditional on-prem tools SecureCloudDB
focus on conventional relational databases focuses on cloud databases
are designed for stationary databases with static IP addresses is designed to capture every database
can't protect non-traditional datastores, which are increasingly critical specifically protects AWS Redshift, DynamoDB, ElasticSearch, ElastiCache and more
can't automatically respond to changes in the environment is built to be dynamic 
oftentimes have to be installed and managed is an automated SaaS application that can be used for thousands of accounts with limited configuration requirements 
monitor irrelevant things (e.g., patch level) puts only the most pertinent information into the hands of its users; information like how many databases exist, where backups are located, if passwords are configured correctly, and more


Currently, SecureCloudDB supports the following AWS products:

MySQL with Aurora
RDS for PostgreSQL
PostgreSQL with Aurora
ElastiCache for Redis

SecureCloudDB uses lightweight probes to gather information from your databases on a configurable schedule, these probes only gather metadata for assessments and do not materially affect performance.


Currently, SecureCloudDB requires read-only access to the AWS control plane or database of a system, depending on which database provider is used and what information a user is looking to collect. 

The bulk of inventory, including information regarding access, networking, backups, etc., can be collected without access from within a VPC. 

To access a complete data set of the following AWS products, including audit-related information, database access is required. 

  • RDS for MySQL
  • RDS for PostgreSQL
  • Redshift 
  • Elasticsearch 
  • ElastiCache for Redis

To facilitate database access from within a VPC, an agent that runs off of a read-only access grant is dropped into the user’s environment. Users have several options to provide access, depending on their preference. Users are in full control of what in their environments can be accessed by SecureCloudDB.


Only metadata is retrieved and stored inside SecureCloudDB’s environment and it's encrypted in transit and at rest.

Moreover, we run the same security checks on our own environment that we prescribe to SecureCloudDB clients.


Contact us for information about our Introductory Offer, which provides pricing incentives to new clients.


Can't find what you're looking for?

No worries, our team of experts is ready to help.

Contact Us