Skip to content
How can we help you get to know oak9 better? Check out the answers to our most frequently asked questions. Looking for product support? You’ll find that here too. Want to talk to an oak9 team member?
How does oak9 access my IaC?

Send your IaC to oak9 via a CI/CD plugin (Jenkins, Azure DevOps, GitHub Actions) or our CLI tool.

How does oak9 access my cloud?

Provide oak9 read-only credentials to scan your AWS or Azure cloud.

How do I provide oak9 read-only credentials to scan my AWS or Azure cloud?

Authorize oak9 to scan your source code repository (GitHub, Bitbucket) and submit remediation pull requests.

How do I find my design gaps?

Design Gaps can be found by navigating to a project’s details page and looking at the bottom panel. By default, you will see all gaps; clicking on “Resource” will filter to only that resource’s gaps.

What are Design Gaps? 

Design Gaps can be security vulnerabilities that compromise your cloud or inadequacies that prevent your cloud from complying with security frameworks. oak9 will identify and show you where design gaps exist; explain the impact of gaps; and help you resolve gaps so your cloud is secure and compliant.

What data does oak9 use and store?

oak9 may store the following based on the type of integration you select:
Credentials to access a cloud provider, repository, CI/CD pipeline, or workflow system
IAC code scanned (repository, CI/CD, CLI integrations)
Point-in-time state of resources, including identified design gaps

What level of access will oak9 need to my IaC?

oak9 only requires read-only to your cloud. You can see the exact permissions required for AWS and Azure. ( links for AWS & Azure)

How can I see if my keys are active?

AWS: Browse to IAM > Users > Security credentials tab. Locate your access key and verify the status is Active.
Azure: Browse to App Registrations. Select your app and click on Certificates and secrets. Verify the expiration date.

Can you explain the onboarding steps? 

Step 1: We’ll identify your user persona so we can focus on what information is most important.
Step 2: Select applicable compliance objectives.
Step 3: Choose a suitable integration (IAC or cloud path) for your project.

What resources oak9 can scan?

Azure API
Azure Terraform
AWS Terraform

What do all the resources on visual designer mean?

These represent the cloud infrastructure that was part of the most recent oak9 scan.

When do you use snooze vs policy exception?

Snooze is used in reference to the specific resource being reported. Policy exceptions prevent a specific design gap from being reported across all resources in a project or the entire organization.

How do we work on multi-cloud environment?

Currently each cloud environment would need its own oak9 project.

What is a “project” in oak9?

A project represents the set of cloud resources needed to serve an application.

Does oak9 store credit card information?

No, oak9 does not store your payment information. If you signed up through the AWS or Azure Marketplace, they act as a payment broker.

Are cloud and repository projects validated at regular intervals or are they continuously monitored? 

We currently validate cloud and repository projects at the frequency of your choice, as well as the ability to initiate on-demand scans. We will soon support real-time validations of repositories when commits are pushed to or pull requests are opened against a targeted branch.