Sym empowers engineers to create the perfect security and privacy workflows

Customizing controls that make sense for your team should be easy. We provide building blocks that keep you compliant without getting in your way.

No more long ticket queues, manual escalations, or access drift

With Sym, inefficient security workflows are a thing of the past. We supply you with easily customizable pre-built workflows that feature intelligent routing, multi-channel support, and built-in evidence collection. Sym saves your organization thousands of hours of wasted review time and internal maintenance.

40+ pre-built workflows and counting

Sudo for Critical Infrastructure

Your security posture depends on limiting access to critical infrastructure. Too many engineers with unfettered access is an accident waiting to happen. But people still need to do their jobs. With Sym, you can add a sudo-like self-approval workflow to audit and caution engineers as they modify your most important systems.

Peer-Approval for Sensitive Data

Reducing the scope of default access to sensitive data is a great way to build trust with customers and auditors. With Sym, you can limit the number of engineers who have access to a data store at any given time, while allowing just-in-time, peer-approved access via Slack and IAM Roles when appropriate.

Audited User Impersonation

Adding user impersonation or "god mode" functionality to your app can be invaluable for support and debugging. It's also a great way to leak PHI, PII, and other sensitive user data. Sym unlocks turnkey endpoint protection and auditing in Rails, Django, Express, and more.

Gated Deploys

Human approvals are often an important step in any CI/CD pipeline that results in artifacts being released (e.g. deploys). Services like CircleCI and Github Actions have primitives to allow steps to be gated, but these gates are not compliance-friendly. Use Sym's drop in replacements for dynamic routing, multi-party approvals, and best-in-class evidence collection.

Monitored Ephemeral Database Sessions

Database credentials are typically long-lived and shared, making it difficult to attribute ad-hoc queries to engineers. Use Sym to issue ephemeral credentials (e.g. from Hashicorp Vault) and log ad-hoc queries, all wrapped with our standard approval workflows.

Signed SQL Queries

Engineers often need to run a one-off query against a database they don't normally have access to. Instead of giving them full access, use Sym to approve individual queries without leaving Slack.

Integrates seamlessly with your existing workflows

Get up and running with Sym in less than 30 minutes. We integrate with AWS, 
IDPs, policy-as-code providers, and other common infrastructure tools. 
We also provide Serverless templates for building your own custom integrations.

We help teams meet requirements for SOC 2, HIPAA, and other common compliance standards.

Instantiate workflow templates and supply configuration with a custom Terraform provider
Customize workflow logic at pre-defined points with a simple Python SDK, and a large library of integrations
Automatic evidence collection
Self-serve reporting
Auditable escalations
Large standard library of integrations 
and workflow templates for all use cases.


Gerhard Eschelbeck
Former CISO @ Google
John Kodumal
CTO @ LaunchDarkly
James Smith
CEO @ Bugsnag
Sri Viswanath
CTO @ Atlassian
Jamie Barnett
Former CMO @ Netskope
Russ Heddleston
CEO @ DocSend
Raj Aggarwal
Former CEO @ Localytics
Ben Porterfield
Founder @ Looker
Moritz Plassnig
Former CEO @ Codeship

Trusted By

Deep-dives into infrastructure and compliance


SSH tunnels with less user management

How to use SSM for SSH tunnels, a hot topic from the HN thread. There’s some great prior art on this so we will be linking to that and adding commentary on what you can do, and what the limitations are.

Less infrastructure, More features

We’re finding that many people still don’t know about the features of Session Manager and how it can help them simplify their infrastructure, so I thought I’d share a bit of what we’ve learned.