Self-Defending Key Management Service™

Fortanix Self-Defending Key Management Service (SDKMS) is the world’s first cloud service secured with Intel® SGX. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with SDKMS using legacy cryptographic interfaces or using its native RESTful interface.

HSM-grade security at the cost of software

SDKMS provides impenetrable security to your secrets. SDKMS is built using Fortanix’s patented Self-Defending Technology, which ensures that no cloud provider, no service provider, not even Fortanix can access your keys and secrets.

Visibility and compliance

SDKMS provides visibility into your key management operations and usage of secrets using a centralized dashboard for administrators. Complete and detailed audit logs and usage reports provide you insight into how secrets are being used in your environment, and help you meet your compliance requirements.

Scalability and resiliency

SDKMS is built to scale horizontally and geographically as your demand for managing your keys and secrets increase. This is ensured while providing fault-tolerance, disaster recovery, and high availability.

Try it now

SDKMS is available as a managed service hosted in Fortanix cloud, which is available in many regions globally to provide reduced latency. SDKMS is also available as an on-premise hosted service. Please get in touch with us at to discuss how you can use Fortanix SDKMS to secure your applications.

Use cases

Public Cloud

Fortanix allows you to run your applications securely in public clouds with complete privacy from the cloud provider. You may migrate your sensitive applications to public clouds and reduce your operating expense without compromising on security. Your applications maintain the exact same behavior as before. Integration with Fortanix requires minimal involvement from your developers.

Malicious Insider

An insider who has access to root credentials is seemingly impossible to stop. Often, these root credentials are harvested through phishing attacks, privilege escalation, or by targeting service accounts. Traditionally, no application has had any privacy from such a root insider. Fortanix changes the rule of the game! Our provable, portable, preventive security applies to your applications even when a malicious insider has root credentials or physical access to the machine.

Insecure/Co-located Facilities

Running a sensitive application inside a shared facility no longer means compromising on security. Fortanix secures your application at its core, allowing you to run it with cryptographic protection across the globe where a network firewall or physical security may not provide sufficient peace of mind.

On-premise High Value Applications

Services like authentication, access control, and key management are high value targets and are the crown jewels of your enterprise. A compromise of these services can be devastating. With provable security from Fortanix, these applications are secure from both insider and outsider attacks.

Ready to test Fortanix SDKMS? Request a demo