vHSM for all your critical applications


Benefits


  • At the core of Dyadic’s pure-software key management system is the Dyadic vHSM. Dyadic vHSM has a mathematical guarantee of security, backed by a rigorous security proof. Dyadic vHSM does not rely on obfuscation algorithms, whitebox cryptography or security-by-obscurity techniques. At Dyadic’s core are mathematically proven algorithms based on Multiparty Computation (MPC) which allow hardware-grade key security to be achieved through a pure software solution. The key material never exists in memory, disk or over the wire at any point throughout the lifecycle of the key, including creation, in-use and at-rest.
    Learn more about MPC >


  • Dyadic’s pure software key management includes a KMIP server, and allows to protect and manage all keys from all your workloads: on-premise, in the cloud – any cloud service provider. From now on, you can use a unified cluster of Dyadic’s Enterprise Key Management to manage all your keys from multiple on-premise sites and variety of workloads on any cloud service provider. No more key management in silos!


  • Dyadic vHSM provides a truly scalable, elastic and flexible key management platform for both virtualized and non-virtualized environments. While delivering security guarantees comparable to physical HSMs, Dyadic vHSM is favored for its unmatched usability. As a software-only product, vHSM requires minimal efforts to setup, use and maintain in a variety of environments and application delivery models, including Dockers and containers, and allows you to meet even the strictest high-availability requirements.


  • vHSM can be deployed easily without disrupting the existing workflow of applications. Dyadic supports full key lifecycle management including partitioning, BYOK (Bring Your Own Key), generation, renewal, archiving and revocation of all types of standard cryptographic keys: RSA, ECC and AES keys for all purposes – encryption/decryption, digital signing and authentication. Dyadic vHSM is fully transparent to the calling application and supports all crypto API’s such as KMIP, PKCS#11, Microsoft CNG, OpenSSL engine and Dyadic SDK for .NET, Java, Python and PHP.

 


  • Dyadic vHSM allows you to customize granular admin authorization and access management rules. Firstly, Dyadic’s M-of-N Control policy allows you define a minimum number of admins (M) out of a total number of admins (N) who must work together to perform the high-security operations that you define. Secondly, you may also add another layer of access security in the application level in addition to the primary layer of server authorization.


 

  • Dyadic’s advanced content-based auditing tools gives you the full details of every decrypt or signing operation for every time a key is used. Logs include: what type of operation, the date and time of the operation; the servers from which the request was made; and the users that authorized the operation. Audit logs can be viewed from the Dyadic vHSM console or exported to a third-party tool such as a SIEM.

 

Let’s dive in together. Request a live demo and we’ll show you how it works.


Popular Topologies

vHSM lets you maintain full control of your private keys in public cloud environments. No one, not even the cloud provider, has access to your keys. Supports all types of standard cryptographic keys for all purposes.

 

vHSM lets you achieve scalable, elastic and flexible key lifecycle management in virtualized and non-virtualized environments without sacrificing the strong security guarantees offered in physical HSMs.

 

vHSM supports hybrid topologies to allow even higher segregation between key shares. This allows you to store one key share on the cloud and the other inside the enterprise, or alternatively a key could be shared between two different cloud providers.

The above topologies and many others are now possible with vHSM, fully adaptable to your requirements.
Please contact us to discuss which is right for you.