Security + Simplicity

HSM-grade security with Software-defined simplicity
Secure any app

Self-Defending Key Management Service™

Fortanix Self-Defending Key Management Service (SDKMS) is the world's first cloud solution secured with Intel® SGX. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data. Request a demo

Designed for ease of use with security you control

Secure

SDKMS provides impenetrable security to your keys and secrets. Secured with Intel® SGX and built using Fortanix's patented Runtime Encryption Technology, SDKMS ensures that you remain in complete control over your keys and secrets. Comprehensive audit logs provide you with insight into how secrets are being used, and help you meet compliance.

Simple

SDKMS provides control of and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support. Your business-critical applications and containers can integrate with SDKMS using traditional cryptographic interfaces (PKCS#11, KMIP and more) or its native RESTful interface.

Scalable

SDKMS is built to scale horizontally and geographically as your demand for managing your keys and secrets increase. This is ensured while providing automated load-balancing, fault-tolerance, disaster recovery, and high availability. SDKMS can be deployed globally and for hybrid or multi-cloud environments.

Easy to get started

  • 1{
  • 2    "alg": "OPAQUE",
  • 3    "plain": "string",
  • 4    "mode": "ECB",
  • 5    "iv": "string",
  • 6    "ad": "string",
  • 7    "tag_len": 0
  • 8}

Use cases

Multi-Cloud Key Management

SDKMS enables you to make a secure and seamless transition to hybrid or multi-cloud. With unified HSM and Key Management capabilities and a scalable distributed architecture, SDKMS can service encryption for any application in any cloud.

Read blog on How to BYOK to the cloud

HSM as a ServiceAWSAzureGoogle CloudIBM Cloud

Data at rest Encryption

SDKMS delivers scalable distributed key storage with auto key synchronization capabilities to address strong performance and availability requirements for the encryption of a distributed database, data lake or a data storage system. With SDKMS you can start small and grow as your data needs grow.

Read KB on How to Encrypt Oracle TDE

TDEDatabase Encryption Data Lake Data warehouse IBM DB2 Oracle Storage Encryption MS SQL

Public Key Infrastructure (PKI)

SDKMS runs the entire key management inside HSM. No one other than the authorized user has access to the keys. SDKMS' scale-out distributed design ensures that it can scale to meet the rising demand for PKI fueled by Internet of Things (IoT), digital transformation and cloud-native applications.

Read KB on MS PKI

PKI CA Secure manufacturing IoT code signing document signing

Network Security (SSL/TLS)

Scale-out distributed key storage helps organizations close the encryption gap with the ability to keep all the keys (not just master key) in the HSM trust boundary. SDKMS delivers end-to-end encryption such that no key is ever outside of the trust boundary when the key is in use in memory.

Read KB on Using SDKMS for Nginx TLS

Web Servers VPN Proxy Nginx Apache SSL TLS

Consumption model

Fortanix SDKMS can be consumed as a SaaS, dedicated managed tenant or on-premises appliance depending on your business, compliance or operational requirements.

Ready to test Fortanix SDKMS? Request a demo