Overview
Legacy API threat protection and access control solutions weren't built for the speed and scale of the cloud. Statistics indicate they are failing to protect cloud resources. Hopr's cloud native Automated Moving Target Defense is built for the cloud and uses four patented innovations that no other API Threat Protection or Access Control solution has:
DECENTRALIZED IDENTITY AND VERIFIED TRUST: Each workload holds and manages their own Identity and Secrets service. Workload identities are "certificate-free," overcoming the implementation challenges common with external centralized IAM services and improving trust and interoperability across cloud environments. Workload identity trust is verified at each communication session..
END-TO-END ENCRYPTION OF DATA EVERYWHERE WITHOUT A KEY EXCHANGE. Workload egress messages are secured using a Synchronous Ephemeral Encryption (SEE™) protocol, SEE™builds end-to-end encrypted communication channels without a key exchange. Existing API keys are wrapped in encryption and recognized and trusted on arrival.
MALWARE DELIVERY PREVENTION: Ingress messages from untrusted and malicious sources fail decryption on arrival and are discarded before they can reach the endpoint, even if they arrive via the Public Key Infrastructure that is in place (e.g. TLS).
AUTOMATED MOVING TARGET DEFENSE: Hopr automatically rotates credentials at a high frequency in real time and across all clouds to disable the ability of threat actors to steal and misuse workload credentials or launch MITM attacks. Untrusted connections are prevented in all clouds and across organizations.
THE PRODUCT: These four innovations protect workloads, API endpoints, and data in transit. Our SaaS solution is composed of Hopr Sidecars and Hopr Infrastructure.
HOPR SIDECARS: Lightweight, thin clients that are built on open-source Envoy proxy and deployed with host workloads. XTRA Sidecars operate within the enterprise and K4C sidecars interoperate with external organizations, such as partners, suppliers, and customers.
Hopr Sidecars are to workloads what USB is to physical computing devices - a universal connector. And Hopr Sidecars connect trusted workloads in any cloud environment and across organizations, adding much needed trust and security to B2B ecosystems such as financial services and healthcare systems, manufacturing, utilities, and retail. Hopr Sidecars keep every business, supplier, partner, and customer safe.
THE PLAN:
TRY FOR FREE... FOREVER: Hopr's Free Forever plan (this public listing) protects up to 30 workloads per month, each performing up to 10,000 communication sessions per month. (API calls within a session are not charged and are unlimited). These are monthly limits and usage above either the free workload volume or free session volume is billed at a small unit fee.
CONSUMPTION-PRICED PLANS: Hopr Sidecars are used in all of our cloud native SaaS plans. All plans are "consumption priced" with fees charged for the number of workloads equipped with sidecars and the number of communication sessions performed each month. Consumption prices decrease with increased volume of use.
For custom pricing, pay-as-you-go, and annual contract plans with features such as reporting, custom algorithms, fault tolerance, SLA/SLO, or a Private Contract, please email aws-mp-sales@hopr.co , for a Private Offer.
VALUABLE BENEFITS: *** Lower Cyber Risk ------- Defends against 18 common cyber attacks ------- Malware delivery prevention *** Assured Data Confidentiality and Integrity *** Cost savings over third-party and cloud IAM services *** Improved container portability and interoperability across cloud environments *** Cloud Native Automated Moving Target Defense *** Low Adoption Costs. No code changes to existing apps or APIs. *** Future proof (quantum resistant)
IMPORTANT FEATURES: --- Immutable, rotating, workload identities --- Verified workload identity trust (trust is verified at the start of every communication session). --- Synchronous Ephemeral Encryption (end-to-end symmetric encryption without a key exchange.) --- Decentralized and autonomous identity and secrets management --- High Frequency Credential Rotation (prevents credential theft). --- 100% Malware Delivery Prevention (even if it arrives encrypted in TLS) --- 100% Data Confidentiality and Integrity (in transit, over the entire routed between endpoints) --- Decryption-based trust verification. --- Protection of both client and server endpoints --- Protection across all cloud environments (private, hybrid, multi-cloud) --- Encryption and decryption at either Layer 4 (every packet) or Layer 7 (message bodies). --- Protection of N-S traffic and E-W traffic --- Operates with any containerize workload system or VMs
Highlights
- FAST TIME TO VALUE. +++ Immediate Protection: Security benefits are immediate at runtime. +++ Simple Devops-friendly configuration and deployment of Sidecars. +++ Security benefits begin immediately on deployment. +++ Security for enterprise and external third party organizations. +++ Self-serve training via the Hopr Help Center.
- LOWER COST. +++ Cloud native cost and pricing is more efficient than legacy IAM and cybersecurity SaaS solutions. +++ Decentralized identity produces a net positive customer savings of 10% to 80%. +++ Greatly reduced soft costs over legacy PKI protocols. +++ No modification to existing applications or API code is needed. +++ Config and deployment does not require high DevSecOps skills. +++ Improved container portability enables optimization of cloud spend.
- HIGH SECURITY. +++ Machine Identity Trust: Frequent workload identity verification. +++ Synchronous Ephemeral Encryption: (SEE™) ensures data in transit is confidential and tamper-proof over the entire route. MITM attacks are prevented. +++ Malware Delivery Prevention: Untrusted message traffic fails SEE™ decryption and is discarded. +++ Automated Moving Target Defense (AMTD): Workload credentials rotate at a high freque
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Private-facing sidecars | Sidecars for use with internal workloads and endpoints | $0.00 |
Public-facing sidecars | Sidecars for use with public-facing workloads and endpoints | $0.00 |
The following dimensions are not included in the contract terms, which will be charged based on your usage.
Dimension | Cost/unit |
|---|---|
Unit fee for workloads above the free volume (1 unit = 1 workload) | $2.50 |
Fee for sessions above the per-workload limit (1 unit = 1000 sessions) | $0.60 |
No DevOps? Our DevOps will config and deploy our sidecars for you | $6,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Technical and business support personnel are available via email M-F from 9AM-5PM US Eastern time zone. Free Forever products are supported on a "best effort" basis. The fastest method of technical support is to send us a support request email with the issue in the subject line and a full description of the problem in the message body. You will receive an automated response to your submitted support request email. Follow-up response times vary. Our goal is to follow-up within 24 hours. service@hopr.co
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
