Ockam Orchestrator GA: A new way for Enterprises to build apps that can Trust Data-in-Motion
Matthew Gregory CEO
Ockam launches Orchestrator, the first developer tool that can add end-to-end encryption between any applications, allowing them to trust data-in-motion.
We all use WhatsApp and Apple Message to secure the personal messages that we send to each other. It's a bit of an unspoken truth – whether it's the blue bubble message on your iPhone, or the double check in WhatsApp – when you receive confirmation of delivery or receipt, you know those messages were delivered safely and securely.
These messaging services also provide each of us with personal privacy and trusted encryption that ensures that each message received is from the person we are messaging with. This level of personal encrypted messaging ensures that no one can intervene in our conversations - not even Apple or Facebook, who manage and run each of these services.
You Trust these messages.
The reality is, the rest of the data that moves through the internet is not as fortunate. Enterprise apps holding financial, health, personal, and corporate data do not have a 'WhatsApp' or 'Apple Message' level of Trust - and historically there has not been a drop-in service that comes with the same guarantees and safety that personal messaging apps have. Why is this? It's because secure messaging systems are exceptionally difficult and very expensive to build. Only elite engineering teams with massive budgets and long timelines can build these systems reliably.
In the Enterprise space, this same messaging scenario plays out every day for millions of applications – regardless of the industry. Modern cloud applications run in numerous private networks. The data that moves between networks is passed through an unwieldy number of intermediaries - any of which could break the chain of trust that connects applications together. The security surface area of modern cloud applications is impossible for a team to control.
Developers need the ability to build applications that are able to move data across complex, variable, and hostile networks. And, in a world where trust, privacy, and security are more important than they have ever been, it's crucial that businesses ensure that those apps have secure, authenticated, and private connections to their data.
Our mission at Ockam is to empower every developer at every business with the simple tools they need to create applications that can Trust Data. That's why we're so excited to share that Ockam Orchestrator is now generally available, democratizing the ability for anyone to build Trust for Data-in-Motion.
Ockam Orchestrator is the fully-managed cloud service that Enterprise developers need to build trust between applications, collaborate with teams, integrate with automated infrastructure, connect with data-layer stores and message brokers, and to facilitate massive scale message exchanges.
Ockam was built by developers for developers, allowing them to build apps with end-to-end data integrity and authenticity. The general availability of Orchestrator means developers can now use new features and functionality that help them leverage Ockam's suite of tools and programming libraries to orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement – all at massive scale.
Trust at the Application Layer
- Cryptographic identities and authentication everywhere.
- Managed credential authorities and ABAC.
- Enrollment protocols that bootstrap.
- BYO identity providers and access control policies.
End-to-End Encryption for Data-in-Motion
- Through networks, clouds, and protocols.
- Over enterprise messaging and event streams.
- For existing and new infrastructure.
- Built for high-throughput, low-latency, and high-availability.
Open and adaptable
- Open Source.
- Add-ons for Confluent, InfluxData, Okta, KMS, UDP, and more.
- Tools and packages.
- SLAs and Support.
Ockam's suite of developer tools, programming libraries, and managed cloud services shift security left by empowering developers to create apps that can Trust Data-in-Motion and that have end-to-end guarantees for data authenticity, integrity, and confidentiality.
Peace of mind for developers starts with the right tools and services, so that they can focus on building applications without worrying about whether they can trust data-in-motion or thinking through every detail needed to make those apps private and secure-by-design. In order to trust the data that they receive, applications need the end-to-end guarantees of data authenticity, integrity, and confidentiality. Secure-by-design applications minimize their vulnerability surfaces and have 'zero-trust' in the networks that they connect to. In doing so they shrink both the target and the blast radius of security breaches.
Underlying all of Ockam is a variety of well-researched and advanced cryptographic and messaging protocols from the applied and academic cryptography communities. So that anyone can use these protocols, we've made them safe and easy to use in any application. It also means that we've made them very difficult to misuse! Ockam takes the guesswork out of this process by handling all of the underlying protocol complexity and provides developers with high-level and composable building blocks to create end-to-end, application-layer trust in data.
Ockam's products are all built from Ockam Open Source, which is available under the Apache License 2.0 on GitHub. We believe that all security products should be based upon open source code, because the more people that can review, audit, and contribute to a code base, the more secure it becomes.
Ockam Open Source was built with the Rust programming language. Ockam chose Rust because of the security and trustworthiness properties of the language. Rust is highly performant, is memory safe, and was designed to prevent common errors that occur in programming.