rmBug

rmBug provides identity-based database access management that lets teams know exactly who is connecting to their databases — humans, AI agents, and automation alike. Engineers authenticate via SSO and get time-limited access through the tools they already use, while AI agents and CI/CD pipelines receive their own machine identity, credentials, and access policies. Every connection is named, every query is logged, and the entire system deploys in under 10 minutes without VPN tunnels or firewall changes.

• Identity for every connection — Engineers authenticate via SSO; AI agents and CI/CD pipelines authenticate via API key, each with their own RBAC role and audit trail.
• Time-limited access — Engineers request access for a defined duration; approvals can be manual, automatic, or always-on for trusted teams.
• Machine identity built in — Register AI agents, CI/CD pipelines, and automation scripts as org members with their own grants, security settings, and audit trail — not just tagged sessions.
• Full query audit logging — Session metadata, query text, PII redaction, and policy decisions are all captured in a tamper-evident, searchable audit log.
• Query firewall — Block dangerous operations before they execute, with rules configurable per resource, role, or environment.
• Works with existing tools — psql, mysql CLI, TablePlus, DBeaver, and DataGrip all work via a local transparent proxy — no client changes required.
• No network changes required — Deploy a gateway inside your VPC; engineers connect through rmBug's secure relay without VPN tunnels or bastion hosts.
• Compliance-ready — Audit trail, access controls, and credential isolation support SOC 2, HIPAA, SOX, and ISO 27001 requirements.
• Concurrent agent billing — Buy a pool of concurrent connection slots for automation rather than per-agent seats; unlimited agents can be registered.
• Credential isolation — Database credentials are stored encrypted and injected by the gateway; engineers never see or handle passwords directly.