Multi-Cloud Data Security
Take Back Control
of Your Cloud Data Security

81% of organizations
use more than one public cloud provider.

Learn more

HSM Modernization:
Simplifying Data Security

Fortanix HSM Gateway makes your existing HSM keys accessible and manageable through the same unified Fortanix interface, simplifying security while protecting your investment.

Fortanix Self-Defending KMS

Fortanix Self-Defending KMS™, the world’s first unified key management platform built on HSM-grade security, secures any KMS use case including TDE, Multi-cloud and Blockchain, yet also delivers Tokenization, Secrets Management and HSM. Secured with Intel® SGX, built for cloud scale and resiliency, Fortanix Self-Defending KMS™ reduces threats, improves security and consolidates costs.

Get hands-on experience with Fortanix Self-Defending KMS and Runtime Encryption.

Our Mission


We believe that security should be deterministic. Traditionally, encryption has secured data at rest and in motion, leaving it vulnerable in use. We use Runtime Encryption® to protect data in use, providing complete security protection throughout the lifecycle of the data.

The Problem

When it comes to protecting your data, encryption is one of the most popular and effective controls. But the data must be encrypted at each step of its lifecycle.

Data at rest

Encryption of data at rest protects data when stored in digital forms on persistent media. This is typically solved by transparent data encryption or self-encrypting drives.

Data in motion

Encryption of data in motion protects data when it’s being transported. This is typically solved by Transport Layer Security (TLS/SSL) or VPN tunnels.

Runtime / Data in use?

Once the application starts to run, data in use by CPU and memory is vulnerable to a variety of attacks including malicious insiders, root users, credential compromise, OS zero-day, network intruders, and others.

Current solutions try to address this runtime vulnerability using isolation and detection. But complete protection remains elusive given the ever-increasing complexity of infrastructure and breadth of attack surface.

Fortanix Approach

Runtime Encryption®
Page 1 Created with Sketch.

A new approach is required to protect the runtime environment. The approach must assume compromise and encrypt like everyone is watching! We call this approach Runtime Encryption® . Runtime Encryption® is a class of security solutions that keeps data encrypted even when in use by applications.

Fortanix created a Runtime Encryption® platform that enables your application to process and work with encrypted data. Fortanix uses Intel SGX and creates a portable security envelope that runs signed applications in completely protected states. Fortanix protects applications even if the infrastructure is compromised. Fortanix further provides a HSM and Key Management solution built using this technology.

Learn more about Fortanix Self-Defending KMS

Fortanix Self-Defending KMS provides HSM-grade security with software-like flexibility.

Secure Cloud Adoption using Fortanix Self-Defending KMS

Key management is one of the most difficult puzzles to solve in cloud. Let us show you how Fortanix Self-Defending KMS can solve cloud key management use cases, including BYOK.​

Secure your apps with Runtime Encryption® technology

Join the Runtime Encryption® revolution to secure your applications with Fortanix technology. Contact us to get started.

Trusted by

Ready to test Fortanix Self-Defending KMS? Request a demo

Learn the details