Overview
WHAT DOES IT DO? +++ Connects containerized workloads across all cluster, container system, and cloud environments. +++ Verifies machine identity trust for every connection. +++ Prevents identity theft, key theft, MITM, malware delivery, and session hijacking attacks. +++ Prevents access to workload endpoints by untrusted connections (access control). +++ Secures data in transit over the entire route between endpoints. +++ Creates an Automated Moving Target Defense and shrinks the attack surface.
HOW IT DOES IT: Hopr Connect equips containerized workloads with a "sidecar" (built on Envoy proxy) that includes a decentralized 'cert-free' machine identity and secrets management capability. This frees the workload from the centralized identity services that restrict connectivity outside an identity 'silo' (domain). Workloads manage their identity and secret credentials and automatically rotate them at a high frequency, creating an Automated Moving Target Defense (AMTD).
Hopr's SaaS monitors each connection to verify the identity and trust of workloads when they connect. Connections perform a Synchronous Ephemeral Encryption (SEE) protocol that builds an end-to end encrypted channel (at OSI Layer 4 or Layer 7) without a key exchange. The SEE protocol prevents untrusted endpoint access and achieves data confidentiality and integrity over the entire route between endpoints.
THE PRODUCT: Hopr Connect operates using Hopr SaaS infrastructure and a Hopr Sidecar at each workload (thin client). As workload-sidecar pairs are deployed an application network or "super mesh" is built without any of the connectivity constraints, complications, or costs of centralized cert-based identity services and workload identity federation.
HOPR SIDECARS: Lightweight, "thin clients" are built on open-source Envoy proxy and deployed host workloads. Two types are offered:
XTRA Sidecars are used for connecting workloads within an organization where they are deployed with initial trust.
K4C Sidecars are identical to XTRA but with additional capability for high-trust connections with third party workloads outside an organization (such as partners, affiliates, or suppliers with whom business must be conducted, but trust is uncertain). K4C turns an organization's public-facing workloads into gateways because the sidecar can securely connect outside the organization and inside the organization.
SUBSCRIPTION PLANS:
TRY FOR FREE... FOREVER: Use Hopr's Free Forever plan (this public listing) to deploy and operate up to 30 sidecars per month. Each sidecar may make up to 10,000 connections per month at no charge. (API calls and responses within a session after the connection is made are not metered and are unlimited). Sidecar operation will continue if the free volumes are exceeded, but will incur a consumption fee for each month of overuse.
CONSUMPTION-PRICED PLANS: Additional plans are "consumption priced" with volume discounted pricing. For custom pricing, Pay-As-You-Go (PAYG), and annual contract plans with premium features, please email: aws-mp-sales@hopr.co , for a Private Offer.
VALUABLE BENEFITS: *** Lower Cyber Risk . ------- Defends against 18 common cyber attacks. ------- AMTD ------- Prevent untrusted access *** Easily network services or applications located anywhere on the Internet. *** Assured Confidentiality and Integrity of data in transit. *** Improved cost efficiency. Eliminates the cost of centralized cloud IAM services. *** Improved container portability and interoperability across cloud environments. *** High trust identity verification necessary for financial and healthcare IT regulations. *** Low Adoption Costs. No code changes to existing apps or APIs. *** Future proof (quantum resistant) *** Resistant to AI threats
Highlights
- FAST TIME TO VALUE. +++ Fast training and onboarding of customer DevOps. +++ Simple Devops-friendly configuration and deployment of Sidecars. +++ Security benefits begin immediately on deployment. +++ Security for enterprise and external third party organizations. +++ Self-serve training via the Hopr Help Center.
- LOWER COST. +++ Cloud native cost and pricing is more efficient than external IAM and cybersecurity SaaS solutions. +++ Decentralized identity management achieves a net positive customer savings of 10% to 80%. +++ Greatly reduced soft costs over legacy PKI protocols. +++ No modification to existing applications or API code is needed. +++ Config and deployment does not require high DevSecOps skills. +++ Improved container portability enables optimization of cloud spend.
- HIGH SECURITY. +++ Machine Identity Trust: Frequent workload identity verification. +++ Synchronous Ephemeral Encryption: (SEE™) ensures data in transit is confidential and tamper-proof over the entire route. MITM attacks are prevented. +++ Blocked Untrusted Connections: Untrusted message traffic fails SEE™ decryption and is discarded. +++ Automated Moving Target Defense (AMTD): Workload credentials rotate at a high frequency.
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Private-facing sidecars | Sidecars that prevent attacks on internal workloads and endpoints | $0.00 |
Public-facing sidecars | Sidecars that prevent attacks on public-facing workloads and endpoints | $0.00 |
The following dimensions are not included in the contract terms, which will be charged based on your usage.
Dimension | Cost/unit |
|---|---|
Unit fee for sidecars above the free volume (1 unit = 1 sidecar) | $2.50 |
Fee for connections above the free limit (1 unit = 1000 connections) | $0.60 |
No DevOps? Our DevOps will config and deploy our sidecars for you | $6,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Technical and business support personnel are available via email M-F from 9AM-5PM US Eastern time zone. Free Forever products are supported on a "best effort" basis. The fastest method of technical support is to send email to service@hopr.co with the issue in the subject line and a full description of the problem in the message body. You will receive an automated response to your submitted support request email. Follow-up response times vary. Our goal is to follow-up within 24 hours. service@hopr.co
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
