CryptoMove Launches Private Beta for Tholos Key Vault to Secure Cloud Native Development
November 2018 by Marc Jacob
CryptoMove announced the launch of a private beta for its flagship solution, Tholos Key Vault. Tholos is the first API and SSH secrets management key vault to provide enterprise-grade scalability, reliability and a modern user interface—reinforced by moving target defense, an innovative security model that decreases risk by increasing entropy and randomness.
Digital transformation trends, such as cloud-native environments, multi-cloud infrastructure, containerization, microservices and the Internet of things (IoT) are generating an overwhelming collection of API keys, SSH keys, authentication tokens, certificates and other secrets. However, agile development and lean startup philosophies encourage a fast and easy approach to DevOps, which may result in these secrets being shared—in plain text—over Email, Slack and even GitHub.
Research from GitHub indicates millions of access tokens, account credentials and SSH keys have been left exposed on public repositories. This relaxed attitude toward application security has a clear enterprise risk, as there has been an increasing frequency of major data breaches due to improperly stored cloud keys.
Legacy key management solutions, such as hardware security modules (HSM), are primarily focused on encryption keys instead of API keys, making them ill-suited for DevOps processes. HSM solutions are also devoid of cloud-native capabilities, leaving them unable to support multi-cloud, containerization and microservices. A new wave of open source secrets management solutions have emerged to address some of these challenges, but they introduce their own management complexity and still lack the ability to scale.
CryptoMove Tholos Key Vault is the first cloud-native secrets management key vault to deliver enterprise-grade scalability, reliability and a modern UI/UX, enabling organizations to securely accelerate cloud and containerization development projects. Tholos is delivered as a cloud service, which requires no installation or deployment—account creation takes less than two minutes. Tholos is also available for private cloud deployments. CryptoMove provides high availability through data replication to ensure fault tolerance and disaster recovery.
Key features and benefits of CryptoMove Tholos include:
Seamless secrets management—Dynamically generate, rotate, share, revoke and expire API keys and other secrets through their entire lifecycle. Granular identity and access management (IAM) policies enforce access to ensure security and compliance. Automated analytics track key usage, including unauthorized user access for suspicious behavior detection. Centralized secrets recording streamlines audit and forensics.
Programmatic application integration—Integrate APIs to retrieve secrets into applications and services programmatically, eliminating the risk of plain text secrets in code. Tholos easily integrates with AWS, Azure and GCP.
Unparalleled Data Security—Moving target defense (MTD) fragments and encrypts sensitive data, replicating and transferring it across a system of decentralized nodes, and mutating its properties to further avoid detection by attackers. This increase in entropy and randomness increases the difficulty for attackers to identify and exfiltrate data—which increases further as the service scales—a quantifiable reduction in risk compared to stationary database encryption.
CryptoMove use cases have already been developed by the Department of Homeland Security (DHS) via its Silicon Valley Innovation Program and the National Institute of Standards and Technology (NIST) via its Global Smart City Challenge Initiative. Private beta users already include Fortune 500 financial services, healthcare services and entertainment companies. Amazon has selected CryptoMove to participate as one of ten startups at Startup Central during AWS re:Invent 2018, November 26-30.