HSM Modernization:
Simplifying Data Security

Fortanix HSM Gateway makes your existing HSM keys accessible and manageable through the same unified Fortanix interface, simplifying security while protecting your investment.

Google Cloud Platform Collaborates with Fortanix to Deliver External Key Management System for Public Cloud


Businesses Able to Migrate Sensitive and Private Data to Public Cloud without Giving Up Control of Encryption Keys

Fortanix Self-Defending KMS

Fortanix Self-Defending KMS™, the world’s first unified key management platform built on HSM-grade security, secures any KMS use case including TDE, Multi-cloud and Blockchain, yet also delivers Tokenization, Secrets Management and HSM. Secured with Intel® SGX, built for cloud scale and resiliency, Fortanix Self-Defending KMS™ reduces threats, improves security and consolidates costs.

Get hands-on experience with Fortanix Self-Defending KMS and Runtime Encryption.

Fortanix Awarded FIPS 140-2 Level 3 Certification

Fortanix Awarded FIPS 140-2 Level 3 Certification Enabling Businesses to Replace Legacy Encryption Hardware with a Modern Encryption Platform. Fortanix Runtime Encryption Appliance Unifies Key Management, HSM, Tokenization and Shared Secrets into a Single Secure Encryption Platform

Read press release

TM: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments

Runtime Encryption® – A New Paradigm in Security

Imagine Applications running so securely that even if the Infrastructure, the OS or even root access are compromised, the app remains secure.

This is what Fortanix RunTime Encryption®(RTE) is all about. RTE keeps applications, their data and their keys, fully encrypted while running. Using Intel® SGX, Fortanix® creates a virtually impenetrable fortress that runs signed applications in completely protected states. ​

Equinix SmartKey powered by Fortanix – HSM as a Service

Powered by Fortanix, Equinix SmartKey™ is a SaaS-based secure key management and cryptography service which protects data in public, private, hybrid or multicloud environments.

Register for SmartKey

Our Mission


We believe that security should be deterministic. Traditionally, encryption has secured data at rest and in motion, leaving it vulnerable in use. We use Runtime Encryption® to protect data in use, providing complete security protection throughout the lifecycle of the data.

The Problem

When it comes to protecting your data, encryption is one of the most popular and effective controls. But the data must be encrypted at each step of its lifecycle.

Data at rest

Encryption of data at rest protects data when stored in digital forms on persistent media. This is typically solved by transparent data encryption or self-encrypting drives.

Data in motion

Encryption of data in motion protects data when it’s being transported. This is typically solved by Transport Layer Security (TLS/SSL) or VPN tunnels.

Runtime / Data in use?

Once the application starts to run, data in use by CPU and memory is vulnerable to a variety of attacks including malicious insiders, root users, credential compromise, OS zero-day, network intruders, and others.

Current solutions try to address this runtime vulnerability using isolation and detection. But complete protection remains elusive given the ever-increasing complexity of infrastructure and breadth of attack surface.

Fortanix Approach

Runtime Encryption®
Page 1 Created with Sketch.

A new approach is required to protect the runtime environment. The approach must assume compromise and encrypt like everyone is watching! We call this approach Runtime Encryption® . Runtime Encryption® is a class of security solutions that keeps data encrypted even when in use by applications.

Fortanix created a Runtime Encryption® platform that enables your application to process and work with encrypted data. Fortanix uses Intel SGX and creates a portable security envelope that runs signed applications in completely protected states. Fortanix protects applications even if the infrastructure is compromised. Fortanix further provides a HSM and Key Management solution built using this technology.

Learn more about Fortanix Self-Defending KMS

Fortanix Self-Defending KMS provides HSM-grade security with software-like flexibility.

Secure Cloud Adoption using Fortanix Self-Defending KMS

Key management is one of the most difficult puzzles to solve in cloud. Let us show you how Fortanix Self-Defending KMS can solve cloud key management use cases, including BYOK.​

Secure your apps with Runtime Encryption® technology

Join the Runtime Encryption® revolution to secure your applications with Fortanix technology. Contact us to get started.

Trusted by

Ready to test Fortanix Self-Defending KMS? Request a demo

Learn the details