Hopr named as AMTD leader in Gartner's "Hype Cycle for Endpoint Security, 2023"
x

Machine Identity Trust Verified At Every Session

Identity Trust is the foundation of cloud security and it should be frequently verified.

Machine Identity, based on PKI Certificates, does not meet 'Zero Trust' principles

PKI identity certificates are automatically issued to machines without vetting their identity. Trust only extends to the automated certificate authority and not the machine receiving a certificate.

Automated PKI certificates are issued upon request

The speed and scale of the cloud requires automation of PKI certificates needed to build TLS and mTLS communication encryption. The automated PKI tools must sacrifice machine identity trust to achieve the speed needed for encryption.

Hopr's Solution

Issue a machine ID credential once, at DevOps deployment, and then preserve that trust by verifying the identity credential at the start of each communication session.

Learn More
abstract icon of a certificate

Replacement certificates produce untraceable machine identities.

When PKI certificates expire, their replacement issued from a certificate authority gives a machine an entirely new and different identity. All association with a machine's prior identity is lost.

Hopr's Solution

Frequently rotate the identity credential using a cryptographic derivative of the machine's prior activity history. Decentralized rotation preserves the chain of trust.

Learn More

PKI Certificates increase key storage and management burdens.

PKI certificates are cryptographic keys that must be secured, retrieved, and managed through external cloud services that add cost and complexity.

Hopr's Solution

Rotate the identity from within secure decentralized 'sidecars' deployed with each machine.

Learn More

Learn About AMTD on Steroids

An Automated Moving Target Defense prevents attacks. But Hopr's AMTD goes further and ensures workloads are trusted, data-in-transit is encrypted, and malware is never delivered.
Read the Paper

Valuable Benefits

Lower cyber risk
Decentralized frequent rotation of a machine identity credential prevents credential theft attacks.
True Zero Trust
Verification of the machine identity credential at every session assures high trust.
Fast time-to-value
Deployment with a workload automatically initializes the sidecar's internal identity management system.
Lower costs
Elimination of cryptographic key management costs associated with PKI cryptographic material.
Simple deployment
The entire identity management system is self-contained in a 'sidecar' for DevOps-friendly deployment.
No code changes
No changes to existing application code or API endpoints is needed.

Compelling Advantages

High trust that is verified at every session.
Machine identity trust is never vetted and is only assumed.
Frequent, decentralized, credential rotation prevents machine attacks.
Static credentials may be stolen and misused without detection.
Simple and fast deployment is DevOps friendly.
Automated PKI certificate authorities and key management are complicated to implement.

Discover How AMTD is a Winning Defense

Schedule a 15-minute discovery call with one of our experts to discuss your use case and learn how Hopr's automated moving-target defense can prevent cyber attacks on your business.
Schedule a Call
Gartner, Hype Cycle for Endpoint Security, 2023 Franz Hinner, Satarupa Patnaik, Eric Grenier, Nikul Patel, et al.., 1 August 2023. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.