FAQ

Questions, answered

The things people ask most before they try Korvalis. Still stuck? Join the waitlist and we will answer directly.

The basics

What does Korvalis do?

Korvalis installs inside your own cloud account, watches what your live sessions are actually doing, and shuts down any session that turns destructive on its own, in seconds. It also hands out cloud access that expires by itself, so fewer people hold standing keys to production.

Does Korvalis work with AWS, Azure, and GCP?

Yes. Korvalis is built to connect to any of the major clouds, and any account can connect any cloud regardless of plan. Support depth varies by provider as we roll out, so ask us about your exact setup.

How long does it take to set up?

About half an hour. Korvalis starts in observe mode, so from day one it watches and tells you what it would have done without touching anything. You turn on active protection when you are comfortable.

Do I need a security team to run it?

No. Korvalis is built for teams that do not have a dedicated security hire. It runs inside your cloud and does the watching for you, without a proxy to manage or a new system to babysit.

Protection

Can Korvalis stop someone from deleting the production database?

Yes. Korvalis reads the intent of a whole session rather than matching single commands against a blocklist. When a session moves to destroy something like a production database, Korvalis can terminate it in seconds.

Does Korvalis stop AI agents from deleting production?

Yes. Korvalis acts on what a session is doing, whoever or whatever is behind it. A human mistake, a leaked key, a contractor, or an AI coding agent all get judged the same way, on intent.

Is it safe to turn on? Will it kill legitimate work?

You start in observe mode and watch it be right on your real traffic before it can act. For planned destructive work like a migration, you open a maintenance window so protection pauses and then switches back on automatically.

Access and data

What is just-in-time or temporary access?

Instead of holding keys to production all the time, someone requests access when they need it, for the task at hand. Once approved, Korvalis issues short-lived credentials that stop working when the window ends. There is nothing to remember to revoke.

Is Korvalis a proxy? Does my traffic run through it?

No. Korvalis is not a proxy. It installs inside your own cloud account and acts there. Your traffic and your data stay in your environment.

Can I bring my own AI model?

Yes. Korvalis is model-agnostic and lets you bring your own key, so the analysis runs on a model you control. Client isolation is a hard requirement for us, not an afterthought.

Pricing

How much does Korvalis cost?

You can start free. Paid protection begins at $99 per month when you turn it on, priced per cloud account. Full details are on the pricing page.

Want the deeper version? Read how detection and temporary access work, or see what each plan includes.