Listing Thumbnail

    External Key Storage for AWS (XKS Proxy) by Securosys

     Info
    Sold by: Securosys 
    External Key Story (XKS) for AWS empowers enhanced data protection by connecting AWS Key Management Service (KMS) with Securosys Primus HSM or CloudHSM via the secure Securosys XKS Proxy, enabling external storage and management of encryption keys for heightened security and control.
    Listing Thumbnail

    External Key Storage for AWS (XKS Proxy) by Securosys

     Info
    Sold by: Securosys 

    Overview

    The Securosys XKS Proxy empowers you with AWS External Key Store (XKS), a cutting-edge capability within AWS Key Management Service (KMS). This feature enables you to fortify your data protection in AWS using encryption keys stored securely inside Securosys on-premises Primus HSMs or Securosys managed HSM service (CloudHSM) external to AWS.

    When you opt for AWS KMS External Key Store (XKS), you replace the KMS key hierarchy with a new, external root of trust, where all root keys are generated and safeguarded within the HSM you provide and operate. When AWS KMS performs encryption or decryption, it communicates with the Securosys HSMs via the Securosys XKS proxy, ensuring robust security throughout the process.

    Take charge of your AWS KMS keys with confidence, knowing that your cryptographic objects remain protected within the tamper-proof Securosys CloudHSM or Primus HSM, away from the AWS cloud. How Securosys XKS Proxy Works Securosys XKS Proxy acts as the secure intermediary between AWS KMS and your Securosys Primus HSM or CloudHSM. The Securosys XKS proxy never directly interacts with your HSM, and it cannot access, manage, or manipulate your keys. Instead, all communication between AWS KMS and your cryptographic objects is channeled through the Securosys XKS Proxy.

    Deploying the XKS proxy is simple and seamless, facilitated by the user-friendly Securosys XKS Proxy docker image. It can be downloaded from our Securosys support portal - please contact us if you are interested in learning more.

    You have the flexibility to deploy the XKS proxy within an AWS EC2 instance or directly within your own environment, giving you complete control over your encryption workloads.

    Deploying the Securosys XKS proxy is simple: configure and run its Docker image to link AWS KMS with Securosys HSMs. Logging options include client server or remote logging. Deployment options include within AWS VPC EC2 or via a public endpoint for on-premises connections to AWS services.

    Use the download link in the resources.

    Highlights

    • DIGITAL SOVEREIGNTY: Your cryptographic keys reside outside of the AWS KMS cloud, ensuring that only you can decrypt protected content, guaranteeing AWS does not have access to your private keys.
    • BEST-IN-CLASS COMPLIANCE: Securosys CloudHSMs and the FIPS140-2 Level 3 and CC EAL 4+ certified Primus HSM, empowers you to meet stringent compliance requirements. Our transparent approach allows you to review all software code and blueprints, providing peace of mind that neither Microsoft nor Securosys can access the plain view of your customer data.
    • EASY DEPLOYMENT: Swiftly deploy the Securosys XKS proxy, allowing you to focus on safeguarding your sensitive data rather than navigating through intricate setup processes.

    Details

    Delivery method

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    Documentation & quick start guide: https://docs.securosys.com/xks/overview 

    Technical support (account required): https://support.securosys.com/external 

    Contact sales: