Hopr named in the 2023 Gartner® Emerging Tech: Security - The Future of Cyber Is AMTD report

XTRA Protection for Workloads, APIs, and Data

Automated Moving Target Defense (AMTD) that prevents attacks on workloads, APIs, and data inside the enterprise.

Animated graphic depicting moving targets in XTRA

But XTRA can.

Zero Trust AMTD Security

Secure East-West and North-South traffic with a zero trust
automated moving-target defense

Graphic diagram of containerized workloads with envoy-XTRA sidecar
High frequency credential rotation.
Identity and secret credentials rotate at every session between two trusted workloads.
Secrets are built by XTRA Sidecars and remain there.
Secrets are never passed outside the sidecar where they can be discovered and misused.
End-to-end encrypted communication.
Symmetric encryption guarantees only messages between trusted workloads reach the endpoints.
Keys vanish after each session.
There are no keys to store and every session produces a new secret credential.
Workload identity is verified
We verify a rotating workload identity credential at the start of each session to ensure the two workloads are trusted.
Integrated with Envoy proxy.
XTRA leverages the listeners, filters, and routing of Envoy for easy deployment with containerized workloads.

Four easy steps to XTRA protection

Say goodbye to the pain points of PKI identity management, expiring certificates, finicky mTLS configurations, costly secrets stores, credential theft, and malicious attacks on your workloads.
Graphic  front view illustration of a motorcycle sidecar attached to an app icon
Register and obtain a Sidecar

Once an enterprise is registered with Hopr, DevOps staff are trusted to register enterprise workloads and obtain an XTRA 'sidecar' (a container image file from Hopr's repository).

An abstract profile graphic of a motorcycle sidecar with the envoy-hopr logo on it.
Configure your sidecar

DevOps staff configure XTRA Sidecars with a specific CHIPS algorithm to enable it to communicate with other trusted enterprise workload. Additional Envoy configuration settings are possible, too.

Abstract graphic of a containerized workload with an envoy-Hopr sidecar
Integrate and test with a workload

DevOps staff load the XTRA Sidecar container image alongside its registered workload. On first use, the  Sidecar builds an ephemeral secret and connects to Hopr to verify operation and trust of the workload.

Graphic illustration of two containerized workloads in live operation
Go live!

XTRA's automated moving-target defense is immediately protecting pairs of communicating workloads at every session, whether they operate on-premises, in a commercial cloud, or in a hybrid-cloud environment.

Watch a 7:14 (min:sec)video explaining the DevOps-friendly deployment of XTRA and a demonstration of how it protects workloads from untrusted connections

Hopr cover image for DevOps Demonstration of XTRA

XTRA Features Deliver Advantages

A comparison of XTRA's features versus four competitor products

XTRA Feature


Rotate credentials at high frequency for a moving target defense.
Only one other competitor identifies key reuse as a problem for enterprises. But keys are rotated infrequently.
Reject all malicious traffic at each workload.
Two competitor products may have some capability to block malicious traffic from reaching a workload.
Symmetric end-to-end encryption protects messages over the entire communication route.
Only one other competitor product provides an end-to-end encryption capability.
Eliminates the "secret zero" problem. Secrets vanish after use and are not stored.
Only one other competitor uses ephemeral secrets that eliminate the secret zero problem.
Workloads build their secrets at each session and use them for encryption rather than authentication.
No other competitors build secrets that rotate at a high frequency.
Low-friction adoption. Simple addition of a Sidecar requires no change to existing Apps and APIs.
All other competitors require layers of API integration and add complexity to APIs or require external appliances.
Abstract Graphic of workload, XTRA sidecar, and YAML file icons

Try Our Tech

Apply to participate in our free beta program. Experience the simple effectiveness of CHIPS technology with your own workloads and data.

Onboarding is fast, and we provide bespoke, self-paced support.
Sign Up for Free


What does XTRA mean?

XTRA is an acronym for eXceptionally Tamper Resistant APIs. The name reflects the net effect of the many security features provided by Hopr's CHIPS technology when used to protect enterprise workloads and data.

What is Envoy Proxy?

Envoy proxy is open source software developed by the Cloud Native Foundation. It performs many networking functions for workloads using a sidecar pattern. XTRA Sidecars add a custom filter to Envoy.

Is XTRA for enterprise workloads only or can it be used with 3rd-party workloads?

XTRA is for trusted enterprise workloads only. Enterprise workloads are centrally managed and trusted so they are able to share a CHIPS algorithm with trust and low risk. The verification and trust of external third-party workloads is under development by Hopr.

Must all enterprise sidecars be configured with the same algorithm?

Only sidecars whose workloads need to inter-operate to perform a service must use the same CHIPS algorithm. Other enterprise workloads/sidecars may be configured with different algorithms for micro-segmentation of enterprise services.

How is the end-to-end encryption performed?

It is symmetric encryption that is made possible by two workloads building an identical key using a CHIPS algorithm. The key is never exchanged or exposed to theft.

At what layer of the ISO network stack does XTRA encrypt message traffic?

The encryption-decryption occurs at Layer 4, the Transport layer. Every IP packet (message headers and bodies) is individually encrypted and decrypted.

Does XTRA replace the API keys I use?

No. API keys are still used within messages sent to an API endpoint, but they serve an identification purpose only at the endpoint. They are not needed for security, but are protected because they encrypted in the message so they cannot be sniffed in transit.

How does XTRA block malicious traffic?

Because of XTRA's encryption-decryption approach and high-frequency secrets rotation, only trusted workloads are able to read encrypted messages. All other traffic fails decryption and is blocked from ever reaching the workload (or API endpoint).

Is XTRA used for North-South and East-West workload traffic?

Yes. XTRA protects all ingress and egress access to workloads whether or not they are in the same containerized infrastructure or external to it. The only requirement is that the workloads be managed within the enterprise.

What load balancer is used for XTRA's encrypted message traffic

Because XTRA encrypts message packets (both headers and message bodies), encrypted traffic must use a Network Load Balancer (NLB). If you require an ALB, then please contact us to discuss your use case.

Don't see your question above?
Schedule a FREE discovery call.

Discover a winning defense

Schedule a 15-minute discovery call with one of our experts to discuss your use case and learn how Hopr's automated moving-target defense can prevent cyber attacks on your business.
Schedule a Call
Gartner, Emerging Tech: Security — The Future of Cyber Is Automated Moving Target Defense, Lawrence Pingree, Carl Manion, et al.., 28 February 2023. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.