Home
Solutions
How It Works
Blog
Differentiators
Terms of service
About
Privacy Policies
SolutionsHow It WorksUnique FeaturesProductBlog
Contact us

Articles about

Machine Identities and Secrets

An Unintentional Secret - Automated TLS and its Zero Trust Fallacy

Transport Layer Security (TLS) and its companion, mutual TLS (mTLS) are stalwart security protocols known for encrypting communications over the Internet. When they are applied to root domains (such as is the case for Web domains and browsers) they represent identity trust. However when they are implemented with automated PKI certificates, they lose an important security quality: identity trust. Due to the speed and scale of cloud automation, the intermediate certificate authorities that issue PKI certificates eliminate vetting of the receiving identity (a containerized workload).

Tom McNamara

March 11, 2023

Machine Identity - Who’s Who in the Cloud?

Identities for machines operating in the cloud, like humans in the natural world, are an important quality that is essential to trust, authorization, and authentication. Machines are identified by cryptographic material that takes the form of a certificate. But in the cloud, it is challenging to find, track, and manage the many certificates that are dynamically assigned and used. New approaches to managing machine identities in a zero trust cloud environment are needed to realize secure business operations in the cloud.

Tom McNamara

September 13, 2022

Keeping Secrets Is Hard

Keeping secrets is hard because they have to stay secret to deliver security. And for machines and workloads in the cloud the consequences to lost secrecy can ripple through the entire business and bring down many digital operations in an instant. Leakage of digital secrets occurs almost naturally over time; disclosure eventually happens and secrecy is lost. But the risk of lost secrecy and the impact to cloud operations is minimized with the right tools.

Tom McNamara

September 13, 2022

When Zero is a Good Thing

As businesses migrate more of their critical processes and data to the cloud and procure SaaS solutions, their attack surface grows significantly. This makes it harder to achieve a zero trust posture, and more risk occurs for employees with the Secret Zero to everything. While tools such as Machine Identity Managers and Secrets Managers (vaults) are improvements for today, they do not solve the growing problem of competition between zero trust and ever-scaling attack surfaces. A strategic solution that responds to the challenges in new ways is needed. (click to read more)

Tom McNamara

September 13, 2022

Subscribe to our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
SolutionsHow It WorksUnique FeaturesProductBlogContact usAboutPrivacy policiesTerms of service
Strengthen API ProtectionXTRA ProtectionSecurity
Automated Moving Target Defense

Never Miss Updates

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Hopr is a moving target defense platform that provides 'zero trust' protection for workloads, APIs, and data.

Our solutions perform in real time and in all cloud environments (on-premises, commercial, and hybrid).
copyright 2021-2023 | Hopr Corporation
CHIPS is a trademark of Hopr Corporation
CHIPS technology and protocol are protected
by US Patents and patents pending.