Hopr named in the 2023 Gartner® "Emerging Tech: Security - The Future of Cyber Is AMTD" report

Tough security problems?
Try a new defense

Use Cases

hopr’s innovations transform current products.

One username and password that gets you into all of your accounts and changes everyday.
A secrets manager that is cloud agnostic, rotates secrets as often as you want and update each system immediately.
An employee authentication solution that provides security of MFA with the convenience of SSO with only email.

Kickstart your next project and grow your revenue with this high-converting, beautifully crafted template.

Trusted by more than 2,000 businesses

We defend against

credential theft and misuse.

exfiltration of secrets used in authentication.

sniffing for secrets contained in messages.

malicious traffic sent to APIs.

disclosure and tampering of sensitive data.

man-in-the-middle attacks.

connections from untrusted workloads.

Four parts of an effective Zero Trust AMTD

Hopr combines a novel algorithm and high frequency credential rotation to create hardened communications between workloads - a new form of Automated Moving Target Defense (AMTD) - and add verifiable rotating workload identity credentials for zero trust (ZT).
hybrid and multi-cloud graphic icon
CHIPS™ Technology

Code Hidden In Plain Sight (CHIPS) form the seed material that produces identical symmetric keys at two locations anywhere in the world.

graphic icon of shield and two gears for positive security
End-to-end encryption

Identical symmetric keys, built by containerized workloads, are used to encrypt and decrypt their messages. Messages are confidential and tamper-proof over the entire route between workloads.

graphic icon of two connected workloads
Verified workload identity trust

Workload identities preserve a chain of trust and rotate frequently. They are verified at each communication session with another workload.

Abstract graphic icon of a containerized workload with rotating credentials.
High Frequency Rotation

Workload credentials autonomously rotate at a high frequency. They change much faster than an threat actor can discover and misuse them.

Convert traffic into sales

We agonize over the details to make sure that our templates are high-converting and high-performing while being easy to use and to integrate with all your favorite tools.

Learn how Zero Trust AMTD delivers value

Threat actors roam inside enterprise networks and love unsecured transport. Security specialists favor a Moving Target Defense for its effectiveness in preventing attacks. Hopr applies a new form of AMTD to achieve true zero trust security.

Five Use Cases for
Zero Trust AMTD

An "mTLS everywhere" alternative

  • Implementing the mTLS protocol is complex and time consuming, particularly across clouds.
  • The mTLS protocol is not supported everywhere in commercial clouds and may terminate before a destination endpoint is reached.

Hopr's solution:

It's like mTLS on steroids, but simpler to deploy and more powerful. End-to-end encrypted communications channels between trusted workloads guarantee data integrity and confidentiality across all clouds.
Learn about Hopr's "mTLS everywhere" alternative
Abstract graphic icon depicting end to end decrypted communication channel through the cloud
graphic icon of a gear, malicious attacks, and an API object

API Discovery and Threat Protection

  • APIs exist everywhere in the cloud. Some are “shadow” APIs created in development and not documented.
  • Few API security solutions protect both the client and API endpoints from attack.
  • API keys are sniffed, removed, and used by threat actors to steal valuable data.

Hopr's solution:

Hopr's AMTD hardens client and API endpoints to prevent attacks. Only trusted workloads possess the rotating credentials needed to connect to the API endpoint. All untrusted traffic received by an endpoint is rejected.
Learn how to protect APIs from attack

Zero Trust Machine Identity

  • Automated PKI certificates lack identity vetting necessary for zero trust.
  • Automated PKI certificates may be self-signed or operate without expiration.

Hopr's solution:

Hopr assigns a machine identity credential to machines once when trust is established at registration. And then preserves a chain of trust with decentralized credential rotation and verification thereafter.
Learn about Machine Identity Trust
Abstract graphic of a containerized workload with an envoy-Hopr sidecar
abstract graphic of two XTRA workloads operating in the cloud

Secure Automated Machine-to-Machine Operations

  • Microservices use workloads that rely on APIs to exchange data within enterprise networks.
  • Vulnerabilities from unsecured transport can leave API keys open to theft and misuse

Hopr's solution:

Hopr applies a zero trust moving target defense to protect microservices and machine-to-machine operations in all clouds. We rotate two workload credentials at a high frequency.
Learn about Hopr's Zero Trust security

Micro-segmentation of workloads

  • Insider threat actors move laterally when workloads are easily accessible
  • Network segmentation is too coarse to isolate workloads into small segments.

Hopr's solution:

Hopr isolates workloads in segments as small as two workloads using a simple DevOps-friendly process. We can discover unknown workload connections and block untrusted connections.
Learn about Hopr's micro-segmentation
Abstract graphic of six workloads segmented into two groups

Talk to an expert

Schedule a 15-minute discovery call with one of our experts to discuss your needs and if Hopr's moving-target defense can enhance the protection of your critical business services
Schedule a Call

Solutions FAQ

How does hopr reduce operating costs?

Hopr does not use PKI, TLS, mTLS, or static keys that require expensive services for large numbers of workloads in digital enterprises. This reduces those costs, but also eliminates service interruption costs when PKI certificates unexpectedly expire.

Can Hopr work with any infrastructure?

Hopr can work with any containerized infrastructure. Hopr is compatible with Kubernetes, Docker Swarm or other Infrastructure as a Service platforms that use containers.

What are the various types "workloads" that work with Hopr?

"Workloads" is a general term for machines and devices that operate through the cloud. It includes VMs, containerized infrastructure, mobile devices, and IoT.

Do both the client and server need a Hopr Sidecar for the solutions to work?

Yes. A Hopr Sidecar must be configured and deployed (a simple DevOps-friendly process) with each enterprise workload for the Zero Trust AMTD protections to occur.

Do both workloads need the same sidecar or can they have different sidecars?

Sidecars contain tens of thousands of CHIPS algorithms. They must be configured to use the same algorithm if they are to establish the ZT MTD. Sidecars may be configured to use different algorithms when segmentation of workloads is desired.

Do I have to modify my apps and APIs to use Hopr's solutions?

No. Hopr's technology does not required modifications to the code of existing applications or APIs. Our technology is containerized and deployed with workloads. Protective features deliver security immediately after deployment to production.

How many API calls and responses are in a session?

A "session" is like a conversation between two workloads. It can be a series of API calls (from a client) and responses (from the API/server) needed to complete a service or function. Any number of API calls can occur in a session and depends on how an application is configured.

How do Hopr's solutions meet Zero Trust?

Zero Trust requires verification of trust. Hopr rotates workload identity and secret credentials at a high frequency with our CHIPS technology and protocol. And we verify both credentials at the start of each session to guarantee the authenticity and trust of both workloads in a communication session.

Abstract Graphic of workload, XTRA sidecar, and YAML file icons

Try Our Tech

Apply to participate in our free beta program. Experience the simple effectiveness of CHIPS technology with your own workloads and data.

Onboarding is fast, and we provide bespoke, self-paced support.
Sign Up for Free
Gartner, Emerging Tech: Security — The Future of Cyber Is Automated Moving Target Defense, Lawrence Pingree, Carl Manion, et al.., 28 February 2023. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.