Aiven Security Agent for PostgreSQL®

Aiven provides an open-source solution to securely manage PostgreSQL extensions without granting superuser access. The company's Security Agent for PostgreSQL (aiven-gatekeeper) controls which privileged functions are exposed and prevents their abuse in common privilege escalation attacks. It uses three criteria for risk assessment: creating_extension, is_elevated, and is_security_restricted. The agent also blocks access to certain built-in functions and writes to internal tables. Aiven has received third-party validation of the solution from Leviathan Security Group.