Cloud-native Secrets Management Key Vault Delivers Enterprise-grade Scalability, Reliability and UI/UX;
Moving Target Defense Enables Security Paradigm Shift for Microservices and Multi-cloud
OAKLAND, Calif — November 15, 2018 — CryptoMove, the only cloud-native secrets management key vault to provide moving target defense, today announced the launch of a private beta for its flagship solution, Tholos Key Vault. Tholos is the first API and SSH secrets management key vault to provide enterprise-grade scalability, reliability and a modern user interface—reinforced by moving target defense, an innovative security model that decreases risk by increasing entropy and randomness.
“Modern enterprises that embrace digital transformation are propagating an unmanageable proliferation of keys and secrets that can slow development cycles—or lead to catastrophic data breaches,” said Mike Burshteyn, CEO, CryptoMove. “Hardware-based solutions are too cumbersome for hyperscale computing and existing open source solutions introduce their own complexity, but Tholos is purpose-built to seamlessly integrate secrets management into DevOps, enabling a ‘shift left’ approach to application security.”
Digital transformation trends, such as cloud-native environments, multi-cloud infrastructure, containerization, microservices and the Internet of things (IoT) are generating an overwhelming collection of API keys, SSH keys, authentication tokens, certificates and other secrets. However, agile development and lean startup philosophies encourage a fast and easy approach to DevOps, which may result in these secrets being shared—in plain text—over Email, Slack and even GitHub.
Research from GitHub indicates millions of access tokens, account credentials and SSH keys have been left exposed on public repositories. This relaxed attitude toward application security has a clear enterprise risk, as there has been an increasing frequency of major data breaches due to improperly stored cloud keys.
Legacy key management solutions, such as hardware security modules (HSM), are primarily focused on encryption keys instead of API keys, making them ill-suited for DevOps processes. HSM solutions are also devoid of cloud-native capabilities, leaving them unable to support multi-cloud, containerization and microservices. A new wave of open source secrets management solutions have emerged to address some of these challenges, but they introduce their own management complexity and still lack the ability to scale.
CryptoMove Tholos Key Vault is the first cloud-native secrets management key vault to deliver enterprise-grade scalability, reliability and a modern UI/UX, enabling organizations to securely accelerate cloud and containerization development projects. Tholos is delivered as a cloud service, which requires no installation or deployment—account creation takes less than two minutes. Tholos is also available for private cloud deployments. CryptoMove provides high availability through data replication to ensure fault tolerance and disaster recovery.
“With modern devops workflows for cloud and container/services based infrastructure, secrets management becomes a really hard problem at scale,” said Tom Pageler, CISO, BitGo. “CryptoMove’s Tholos Key Vault is bringing a highly differentiated approach in this area that adds value to both developers and security teams.”
Key features and benefits of CryptoMove Tholos include:
- Seamless secrets management—Dynamically generate, rotate, share, revoke and expire API keys and other secrets through their entire lifecycle. Granular identity and access management (IAM) policies enforce access to ensure security and compliance. Automated analytics track key usage, including unauthorized user access for suspicious behavior detection. Centralized secrets recording streamlines audit and forensics.
- Programmatic application integration—Integrate APIs to retrieve secrets into applications and services programmatically, eliminating the risk of plain text secrets in code. Tholos easily integrates with AWS, Azure and GCP.
- Unparalleled Data Security—Moving target defense (MTD) fragments and encrypts sensitive data, replicating and transferring it across a system of decentralized nodes, and mutating its properties to further avoid detection by attackers. This increase in entropy and randomness increases the difficulty for attackers to identify and exfiltrate data—which increases further as the service scales—a quantifiable reduction in risk compared to stationary database encryption.
CryptoMove use cases have already been developed by the Department of Homeland Security (DHS) via its Silicon Valley Innovation Program and the National Institute of Standards and Technology (NIST) via its Global Smart City Challenge Initiative. Private beta users already include Fortune 500 financial services, healthcare services and entertainment companies. Amazon has selected CryptoMove to participate as one of ten startups at Startup Central during AWS re:Invent 2018, November 26-30.
To learn more about CryptoMove Tholos Key Vault visit: https://www.cryptomove.com/tholos-key-vault.html
To learn more about moving target defense (MTD) visit: https://www.cryptomove.com/what-is-mtd.html
Request a beta access token at https://www.cryptomove.com/TholosVaultBeta.html
Vault your keys with CryptoMove Tholos – the world’s first key vault built on CryptoMove’s moving target data protection technology. CryptoMove is developing a key vault and secrets management product for devops security that protects API keys, configs, and other app secrets with moving target defense. Globally patented. Cloud native. Team of PhD’s and distributed systems engineers. Invented Hello language. Backed by Tim Draper, Social Capital, Google’s CISO and other security leaders. Years of stealth with Fortune 500 and federal agency R&D labs including the Department of Homeland Security. CryptoMove was incubated in the Alchemist Accelerator for enterprise startups and is a member of UC Berkeley SkyDeck. SaaS product currently in private beta.