Fortanix® Inc., the leader in Runtime Encryption, today announced that its Self-Defending Key Management Service™ (SDKMS) extends Runtime Encryption® protection beyond cryptographic keys and private data with the industry’s first Runtime Encryption® Plugin™ to secure sensitive application code.
The new Fortanix Plugin allows customers to run sensitive business logic inside a trusted environment. The Plugin is developed in standard programming languages and is deployed in minutes without needing additional licenses, complex toolkits, or professional services. Customers or developers can customize the application code and processing of keys for their business requirements using scripting or high-level languages, and execute that business logic in the secure and trusted environment that Fortanix provides.
“Fortanix is pioneering this new industry category of Runtime Encryption® that is a class of security solutions delivering deterministic security to customers by keeping data encrypted during use,” said Ambuj Kumar, Fortanix CEO and co-founder. “Fortanix is now extending this same level of protection to sensitive application code where organizations need to implement custom business logic. Customers develop and deploy the Fortanix Plugin without complex toolkits or professional services.”
Leveraging Intel® Software Guard Extensions (Intel® SGX), Fortanix’s SDKMS is the world’s first cloud solution delivering Runtime Encryption® technology to protect applications and data during use. Runtime Encryption® allows general-purpose computation on encrypted data without exposing sensitive data to untrusted operating systems, root users, cloud providers, or malicious insiders. Fortanix delivers complete and deterministic privacy, as data remains encrypted and completely protected from cloud providers, system administrators, insiders, and network hackers.
“Intel applauds Fortanix’s commitment to delivering Runtime Encryption,” said Rick Echevarria, Vice President, Software and Services Group, and General Manager, Platforms Security Division at Intel. “We are pleased to see Fortanix utilize Intel® SGX technology, which enables data protection and key management solutions that scale for the modern cloud era.”
The Runtime Encryption® Plugin capability is critical for applications that contain sensitive intellectual property or for applications processing sensitive data or cryptographic keys. The protection delivered by the Plugin is necessary for implementation of custom cryptographic keys, and for runtime in uncontrolled environments such as outsourced manufacturing. The Runtime Encryption® Plugin framework is designed for ease of use and deployment. Application developers can create a Plugin using scripting or high-level languages, while administrators can centrally upload, deploy, and manage the Plugin.
Based on strong customer feedback, Fortanix has also added Single-Sign On (SSO) for authentication and integration with SIEM solutions for auditing. Fortanix uses industry standard SAML specifications, including support for leading identity providers such as Okta and Active Directory Federation Services (ADFS). Customers can now enter their company-managed SSO credentials to access SDKMS.
SDKMS provides central audit logs that are tamper-proof and provide detailed insight into how keys are being used. SDKMS has enhanced the audit log capability so events can be integrated with syslog, allowing customers to monitor SDKMS activity using the SIEM platform of their choice. With the integration of the audit logs, organizations can centrally monitor, analyze and receive alerts on critical cryptographic and key management activity of SDKMS. This ensures that SDKMS is well-integrated into an organization’s security operations and eliminates the risk of cryptography services being siloed.
Secured with Intel® SGX, Fortanix’ SDKMS is the world’s first and only key management solution that is cloud agnostic, built to scale, and provides software flexibility with hardware security module (HSM) grade security. Organizations use SDKMS to secure their sensitive cloud and traditional applications, including digital payments, PKI systems, IoT applications, silicon manufacturing, and remote TLS terminations – all while drastically reducing integration complexities and expenses.
Fortanix, Runtime Encryption, and Self-Defending Key Management Service are trademarks of Fortanix, Inc. All other trademarks are the property of their respective owners.