Automate PKI systems issue identity certificates without vetting the receiving entity. Their objective is to build a TLS or mTLS connection quickly rather than to assure trust of the workload holding the certificate. The chain of trust is with the certificate authority and not the workload.
Hopr uses a workload identity credential that rotates and is verified at every communication session. Hopr's identity credential preserves a chain of trust in the workload.
When containers rely on external IAM services for credentials, their portability across environments is constrained by complex re-configurations. Moving containers from one cloud to another for improved performance or cost savings is complicated and time-consuming.
Hopr's sidecars contain their own identity management system and secrets manager. This liberates their host workloads from external IAM services so they can be moved to any cloud environment yet retain their identity and trust.
Configuring mTLS connections in large networks of multiple clusters, data centers, and clouds is complicated, error prone, requires highly-skilled DevSecOps, and a lot of time.
Hopr's Synchronous Ephemeral Encryption is packaged in a sidecar container, configured by DevOps with average skills, and deployed with each workload in minutes.