Improve your dev team security, sleep better.

Knox is a SaaS (Secrets as a Service) that helps you manage your keys, secrets, and configurations. Start in minutes and close the widest security breach.

Try Knox for free

You cannot keep storing secrets in your git repo or sharing them by email or slack messages! It’s 2021!

Add a protection layer around your most valuable secrets

No system is 100% secure. But when malicious individuals get access to your secrets, they can harm your organization in catastrophic proportions.

Time constraints push us to ignore the obvious threats

How many times have you seen the admin@mystartup.com account with the password mystartup123? Don’t lie, we have all done that. We have all pushed secrets in a .env file in the git repo that all the interns and contractors can access.

Discipline is hard

Because until it’s too late, everything is ok. We always postpone setting up even the most basic security measures.

The cost of not fixing this problem right now is zero

The cost when the shit hits the fan could be the survival of your company. When you are Twitter and a few celebrities accounts get hacked to scam Bitcoins, you are ok. When you are a startup with 50 clients and they see their data exposed, you are dead.

Try Knox for free

A simple process

step 1Store your secrets

We made you a simple web interface to store your secrets in the cloud.

step 2

Grant access

For each environment of each project, you can add users who get access to a token allowing them to query the environment secrets.

step 3Get the secrets

With his token, the user (or the server) can query our server to get all the secrets of a target environment for a target project.

~ curl https://knox-app.com/api/get-secrets?format=envfile&token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > .env

step 4Update the secrets

If you update the secrets, your users will be able to access the new version without changing their token

step 5Revoke the token

If you think that a token has been compromised or if a member of your team has left, revoke the token or delete the user.

Try Knox for free

Bonus points

Easy integration

You don’t need any integration, SDK, or custom CLI. Knox works with any CI, server, dev environment, or platform able to make an https request.

All your keys and secrets in the same place

An AWS secret, a public Google analytics key, or even a build target are the kind of things that your service needs. Whether you are in production or on your local machine. Get all those elements as variables for your current environment in a single call. And manage them when they change in a single place, they will be up to date for the next call.

Configurations

We did not expect this one. But it appears that people are using knox for congigurations like root urls, public S3 bucket urls... Public data that differs between environments.

Easiest SaaS you’ve ever tried

You don’t have to set up anything. You can be up and running in minutes. Our documentation is ONE page, not one hundred.

Fully managed

We make sure that everything is always running smooth for you.

Try Knox for free

So, you want to increase your cybersecurity with one simple step?

You can set up the free project in minutes and use it forever. It may even be enough for your project needs.

Try Knox for free