Sym Platform

With Sym, inefficient security workflows are a thing of the past. We supply you with pre-built workflows that feature intelligent routing, multi-channel support, and built-in evidence collection. Sym saves your organization thousands of hours of wasted review time and internal maintenance.

Sym is a workflow automation platform that empowers teams to build perfect security and privacy controls. It is built for engineers, by engineers, and comes packaged as a Terraform provider and Python SDK. By using our comprehensive library of powerful compliance primitives, you define powerful, customized workflows without building and maintaining a pile of internal tools. We handle management, orchestration, and reporting, so you can focus on keeping your teams happy and productive.

Governance for Just-In-Time Infrastructure Access

A common use case for the Sym platform is codifying, executing, and monitoring controls around sensitive infrastructure. Use our SDK to implement chatops-based access to infrastructure, or an entire AWS account, with just a few lines of code. We make it easy to implement a flow that puts requests and approvals in Slack, auto-escalates based on on-call schedules (e.g. PagerDuty) or policy-as-code definitions (e.g. OPA), and automates reading credentials from HashiCorp Vault.

Up and Running in Minutes

Get the shared 80% of common controls for HIPAA and SOC 2 from our template library that codifies practices, then customize your 20% with our Python SDK. We play nice with the tools your team is already familiar with.
DECLARE YOUR WORKFLOWS IN TERRAFORM HCL FILES
USE PYTHON EVENT HOOKS TO IMPLEMENT CUSTOMIZATIONS THAT ARE BEST EXPRESSED IN CODE
BATTERIES INCLUDED
Scaffold workflows and hooks with symflow new
Generate scoped permissions to access your AWS resources using Sym's built in AWS IAM strategies and tooling
Instantly deploy your changes to staged environments with symflow watch so you can validate integrations in real time
Unit test your code using standard Python testing tools along with test event data provided by the Sym SDK

Many Common Workflows

The Sym platform supports hundreds of workflows that help teams achieve their security and compliance goals. Current customer use cases include:

Sudo for Critical Infrastructure

READ MORE
Your security posture depends on limiting access to critical infrastructure. Too many engineers with unfettered access is an accident waiting to happen. But people still need to do their jobs. With Sym, you can add a sudo-like self-approval workflow to audit and caution engineers as they modify your most important systems.

Peer-Approval for Sensitive Data

READ MORE
Reducing the scope of default access to sensitive data is a great way to build trust with customers and auditors. With Sym, you can limit the number of engineers who have access to a data store at any given time, while allowing just-in-time, peer-approved access via Slack and IAM Roles when appropriate.

Audited User Impersonation

READ MORE
Adding user impersonation or "god mode" functionality to your app can be invaluable for support and debugging. It's also a great way to leak PHI, PII, and other sensitive user data. Sym unlocks turnkey endpoint protection and auditing in Rails, Django, Express, and more.

Gated Deploys

READ MORE
Human approvals are often an important step in any CI/CD pipeline that results in artifacts being released (e.g. deploys). Services like CircleCI and Github Actions have primitives to allow steps to be gated, but these gates are not compliance-friendly. Use Sym's drop in replacements for dynamic routing, multi-party approvals, and best-in-class evidence collection.

Monitored Ephemeral Database Sessions

READ MORE
Database credentials are typically long-lived and shared, making it difficult to attribute ad-hoc queries to engineers. Use Sym to issue ephemeral credentials (e.g. from Hashicorp Vault) and log ad-hoc queries, all wrapped with our standard approval workflows.

Signed SQL Queries

READ MORE
Engineers often need to run a one-off query against a database they don't normally have access to. Instead of giving them full access, use Sym to approve individual queries without leaving Slack.

About Sym

Sym is a well-funded startup based in both Boston and San Francisco. Our founding team has decades of engineering experience spanning startups to enterprise. We’ve led multiple compliance programs and have dealt with the challenges of managing dynamic product organizations that also have stringent security and privacy requirements.
INTERESTED IN LEARNING MORE? SCHEDULE A DEMO WITH US.

Product Demo