Healthtech
Kulshan is a read-only CLI you run with your own AWS credentials. It surfaces AWS configuration signals (encryption posture, audit-log coverage, MFA enforcement, public-exposure gaps, IAM hygiene) that healthtech teams typically need to inspect when preparing for a security review.
It does not certify, validate, or attest to anything. It points at things you can verify yourself.
Each line below maps to a category of AWS configuration the security pack inspects. Kulshan reads the configuration; you read the report; your reviewer decides what matters.
0.0.0.0/0) on sensitive ports.The published IAM policy includes read-only coverage for cost and several AWS configuration areas. Treat non-cost diagnostics as evidence-gathering signals, not a complete security review. The full read-only IAM policy is at /policy.
Read this before you forward the page to anyone.
Kulshan is not a compliance certification, legal opinion, or substitute for a security/compliance officer. It checks AWS configuration signals from a read-only account scan.
Specifically, Kulshan does not:
Four steps. No vendor in the loop, no data leaving the account.
If you want a founder-led pass
If your team is preparing for a security review and would benefit from a founder-led pass over the AWS posture, send a two-sentence description of the workload shape and the timeline you are working against.
Email [email protected] with subject "Healthtech review."