How Ockam Works

Orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement — at massive scale.


Portals carry various protocols over end-to-end encrypted Ockam secure channels. They work at the application level and abstract away the setup, management, and security of the network layer. When application connectivity and security is decoupled from your network, you no longer need to wait for your IT team to give you permissions to build connections.

Virtual Adjacency

When you have two applications running in two different networks, and they need to share data with each other, the classic way to set this up would be to connect networks or use VPNs, reverse proxies, maybe a platform specific solution like PrivateLink. There are many ways that you could do this at the network layer.

Ockam is at the application layer. This is a fundamental paradigm shift in how you can think about moving data and connecting applications. Because in this scenario, what we are doing is we're moving these applications so that they sit virtually next to each other. That means applications are available to each other on localhost in a peer-to-peer way. Applications appear to each other like they're sitting next to each other in the same box! And what we don't have to do in this scenario is change any of the network layer configurations or really need to understand anything and the network at all. In this way we say Ockam is networkless.

Build Trust

Get a Demo


Get Started

Ockam Command

Programming Libraries

Cryptographic & Messaging Protocols


© 2024 All Rights Reserved