• 20 February 2024
  • 9 min read

The power and limits of confidential computing

A deep dive into how enclaves work

ByMathew Pregasen
Read More
All
Product
Company
Encryption 101
Founder Notes
Engineering
Security
Compliance
Customers

How we built Enclaves: Routing Traffic with Consul

Building Enclaves presented various technical challenges, dig into our roadblocks with service discovery and how we’ve used Consul to fix it.

ByDónal Tuohy

How we built Enclaves: Egress Networking

How we built our Enclaves primitive, we dig into our redesign of Enclaves egress networking with iptables.

ByHannah Neary

Building a Key Sharing Product Using Enclaves

ByDavid Nugent

How we got the most out of PCI DSS v4

How Evervault combined the best of defined and customized validation to achieve PCI DSS v4

ByJohn Hetherton

Product Update January '24

Check out what's new in the Evervault product this month!

ByThe Evervault Team

Introducing Confidential Computing, powered by Evervault Enclaves

Accelerating a new era of data security by making confidential computing incredibly easy.

ByShane Curran

Decrypt PCI DSS 4.0 Special with John Hetherton

How moving to v4.0 presents an opportunity to rethink security.

ByThe Evervault Team

The unique challenge of upgrading to PCI DSS v4.0

There are two ways to tackle the latest PCI standard—a lift-and-shift approach and a ground-up reevaluation.

ByJohn Hetherton

Product Update — 2023 Roundup

Our product highlights from the year.

ByThe Evervault Team

A security paradigm for 2024: ATAF—Access To, Access From

By sorting tactics into “protection before” and “protection after”, security teams can build more robust programs.

ByMathew Pregasen

Product Update November ‘23

Check out what's new at Evervault product this month.

ByThe Evervault Team

Data Policies: fine-grained access control for encrypted data

Introducing Data Policies, Evervault’s newest platform feature. Set clear rules that dictate how and when encrypted data can be decrypted.

ByThe Evervault Team

Decrypt with Evervault: Richard Rodger from Voxgig

His journey from founding a leading Node.js company to DevRel company Voxgig

ByThe Evervault Team

Decrypt with Evervault: Thomas Kinsella from Tines

How to think through protecting your company’s most important assets

ByThe Evervault Team

Product Update October '23

Check out what's new within the Evervault product this month.

ByThe Evervault Team

Threat Models: Malicious Admin

Modeling and mitigations for dealing with a malicious internal admin

ByJohn Hetherton

Decrypt with Evervault: Kyle Mistele from Zelus

Ensuring complete web3 wallet security through secure enclaves and encryption

ByThe Evervault Team

The Story and Math of Differential Cryptanalysis

The Hidden History and Politics of Encryption Algorithms

ByDavid Nugent

Encryption at Rest has become a buzzword.

Companies often brag about encryption-at-rest? Is that really worth bragging about?

ByMathew Pregasen

Decrypt with Evervault: Damir Mehic from heyData

Empowering developers about security and privacy so they can implement measures from the start

ByThe Evervault Team

Threat Models: External Network Attack

Modeling and Mitigations of an External Attack.

ByJohn Hetherton

Product Update September '23

What's new this month? Card Reveal, revamped PCI compliance and PII encryption solutions, and enhancements to Cages.

ByThe Evervault Team

Decrypt with Evervault: Paul Conroy from Square1

How empathy for the customer can supercharge your development

ByThe Evervault Team

Threat Models: Accidental Cloud Misconfiguration

Third in our thread model series, we cover mastering cloud security.

ByJohn Hetherton

Decrypt with Evervault: Tamás Henning From Circle

“If you don't do security right, you can't have privacy.”

ByThe Evervault Team

Threat Models: Supply Chain Attack

Modeling and Mitigations of Supply Chain Threats

ByJohn Hetherton

Decrypt Development with Ines Kenova from nmible

From a co-founder turned engineer who is a self-described “security freak”

ByThe Evervault Team

Multi-party computation is (sort of) changing the game

Multi-party computing has a lot of potential. Unfortunately, it’s rarely worth the hassle.

ByMathew Pregasen

Product Update August ‘23

AI Privacy, Relay Redaction, and Decrypt API -- check out these and many more updates from this month

ByThe Evervault Team

Threat Models: Malicious Insider

How to model system threats within a sample cloud-based stack, and a deep dive into mitigations for a potential malicious insider threat.

ByJohn Hetherton

Decrypt Security at Vanta with Rob Picard

Establishing guardrails rather than gates, distinguishing signal from noise, and how security is about partnership.

ByThe Evervault Team

Solve the AI data security problem with a simple proxy

You can now use Evervault to securely integrate with OpenAI without sharing sensitive customer data.

ByShane Curran

The case for encryption by proxy

Encryption by proxy - intercept and encrypt data during the network request with a relay server.

ByShane Curran

Decrypt with Evervault: Meet your hosts

In the first episode of Decrypt, get to know your two hosts, Shane Curran and Liz Moy, and learn why they've started his podacst.

ByLiz Moy

Product Update July ‘23

HIPAA compliance, Mobile SDKs, FTUX and more! Our team has been hard at work, see what’s new in the Evervault world.

ByThe Evervault Team

Understanding Quantum Secrecy

A brief primer on quantum cryptography and quantum cryptanalysis

ByDeclain Thomas

Federated learning works like magic. Unfortunately, people don't really trust magic.

While federated learning is a big upgrade from centralized learning, it brings its own set of challenges.

ByMathew Pregasen

Securing Data at Rest & Using Data Securely

Learn how you can secure data that’s actively being changed or updated (in use) and data that you’re keeping in storage, like in a database or CDN (at rest).

ByShedrack Akintayo

Case Study: Navigating ePHI data security without compromising on product

Navigating ePHI data security doesn’t have to be a headache. Learn how one startup approached protecting their customer data.

ByJohn Hetherton

Product Update June ‘23

Checkout last month’s feature updates, user experience improvements and content.

ByThe Evervault Team

How Integrations Ushered in a New Era of Security Chaos

An app’s security is often only as strong as its least locked-down integration.

ByMathew Pregasen

Code Attestation Needs to be Easier

Explaining code attestation, how it enhances data security, and why it needs to be easier.

ByDavid Nugent

5 Ways Securing Customer Data Impacts Your Bottom Line

Safeguarding your Sensitive Data could Save Your Business Millions.

ByJohn Hetherton

'Shifting Left': It’s Time to Put Encryption at the Heart of Your DevSecOps Strategy

The Crucial Role of Encryption in the 'Shift Left' Paradigm

ByJohn Hetherton

Building and Scaling Engineer to Engineer Support

Bridging the Gap: Enhancing Developer Support and Product Integration in a Remote World

ByEoin Boylan

Optimizing our Encryption Engine

Unlocking E3's Full Potential

ByDavid Nugent

Product Update May ‘23

Deep dive into our recent product launches, feature updates, and developer demos.

ByThe Evervault Team

Why Enclaves Exist

From von Neumann to Secure Enclaves

ByDeclain Thomas

How We Built Cages: Wrapping Up

Overcoming Our Trust Issues

ByLiam Farrelly

Mastering API Key Safety and Management

Best Practices to Protect Your API Keys

ByShedrack Akintayo

How We Built Cages: Networking for Secure Enclaves

Building networking from scratch in an enclave environment

ByHannah Neary

5 Common Mistakes with Encryption at Rest

Learn the basics of encryption at rest and common mistakes to avoid when implementing encryption.

ByLiz Moy

How We Built Cages: Cage Provisioning

Providing TLS certificate provisioning and secrets management out of the box

ByHannah Neary

Product Update April ‘23

Checkout last month’s product launches, feature updates, and developer demos.

ByThe Evervault Team

How We Built Cages: Deploying to an Enclave

The architecture of a Cage and a step-by-step look at what happens behind the scenes during a Cage deployment.

ByDónal Tuohy

Deep dive on fully homomorphic encryption: what is it and what makes it different?

Demystifying Fully Homomorphic Encryption

ByShedrack Akintayo

How We Built Cages: Building Enclaves Easily

How Cage builds preserve the trust model of Enclaves and technical challenges we faced.

ByDavid Nugent

SHA-1 gets SHAttered

Theoretical attacks on SHA-1 have become practical. SHA-1 should be deprecated everywhere.

ByDeclain Thomas

How Evervault and Stripe Work Together

Ensuring PCI Compliance when collecting payment data with Evervault

ByLiz Moy

Why We Built Cages: Our Take on Secure Enclaves

Evervault’s take on Secure Enclaves – the importance of accessibility and ease of use when protecting sensitive data.

ByDavid Nugent

Product Update March ‘23

Checkout last month’s product launches, feature updates, and developer demos.

ByThe Evervault Team

What is a Trusted Execution Environment (TEE)?

Understanding how they work and why they matter.

ByLiam Farrelly

Phone Phreaks: the proto-hackers

Phone phreaking was a precursor to hacking that paved the way for Apple Inc.

ByBen Butler

Navigating the fallout of your ePHI data breach?

A quick guide to better understanding HIPAA compliance, obligations and requirements to ePHI breach reporting, and the best safeguards for avoiding data breach fallout.

ByJohn Hetherton

What Is Sensitive Data? Definition, Types, & Protection

Not sure what is sensitive data and what isn’t? Learn about all the different types of sensitive data and how to protect it when building applications.

ByJohn Hetherton

Stibitz: The forgotten father of the modern digital computer

Not to mention: excess-3 code, floating decimal arithmetic, self-checking circuits, jump program instructions, taped programs, and 'table-hunting' sub-computers.

ByBen Butler

Understanding the Australia Privacy Act in 2023

Learn about recent changes to the Australia Privacy Act and how you can stay compliant and protect your customer’s data in 2023.

ByJohn Hetherton

A Guide to Good DX: Unwrapping the Improvements

Learn about the DX improvements we’ve made to our website and application and how these changes will make developers’ lives easier.

ByEoin Power-Moran

A Guide to Good DX: Improving Your Website

The Principles of Good Website Design

ByEoin Power-Moran

Best Practices for Preparing Your Data for Encryption

A seven-step guide to building your encryption architecture, deciding what data to encrypt and how to think about securing it.

ByJohn Hetherton

A Guide to Good DX: Developer Docs

Taking your developer docs to the next level.

ByEoin Power-Moran

A Guide to Good DX: Introducing DXmas

It’s the most wonderful time of the year.

ByEoin Power-Moran

PCI DSS for Developers

Everything you need to know about PCI compliance.

ByJohn Hetherton

The Cryptography Lag

Why have production systems fallen behind academic cryptography?

ByThe Evervault Team

This Code Encrypts Itself

The encryption equivalent of a quine

ByDavid Nugent

Shamir's Secret Sharing: Explanation and Visualization

Gain a better understanding of Shamir’s Secret Sharing scheme and its importance with visualization examples from an Evervault engineer.

ByDavid Nugent

String Encryption: How to Encrypt a String in 5 Minutes

Encrypting your first string with Evervault

ByShane Curran

How to Build an App with Field Level Encryption

Learn how to use our invisible encryption proxy to automatically intercept and encrypt sensitive fields with field level encryption.

ByMichael Lennon

Avoid Zero-Day Vulnerability With Day Zero Security

Combating Zero Day Exploits (and data breaches in general) by integrating security from Day Zero.

ByShane Curran

Outbound Relay Response Encryption: An Explainer

Using response encryption with Outbound Relay improves the process of querying third parties securely.

ByChinaza

Tokenization vs Encryption In-House vs Evervault Encryption

Learn about the differences between tokenization vs encryption in-house vs Evervault encryption so that you can better protect your business’s data.

ByEoin Power-Moran

Secured by Evervault

Show your users how you protect their sensitive data. Secured by Evervault are hosted pages that confirm a team’s commitment to data security by summarising their encryption architecture.

ByNev Flynn

How we built Relay

Evervault is encryption infrastructure for developers. Relay is our latest product to make integrating encryption as easy as possible. This post is about how we built Relay.

ByLiam Farrelly

Rebranding Evervault

Announcing Evervault's 2022 rebrand.

ByNev Flynn

Announcing PCI DSS compliance

Learn more about how our customers — like Treecard — are using Evervault to reduce their PCI DSS scope to the simplest method of validation.

ByThe Evervault Team

Treecard: The wooden debit card that plants trees

How Evervault is helping its first PCI DSS customer to protect cardholder data.

ByThe Evervault Team

Announcing HIPAA and SOC 2 compliance

We’re excited to announce that Evervault has achieved compliance with HIPAA and SOC 2 Type II.

ByThe Evervault Team

Okra: Building Africa’s Financial Data Network

By building with Evervault, Okra is making sure that Africa’s financial data network is encrypted, safe, and secure.

ByThe Evervault Team

Announcing the first companies encrypting with Evervault

We’re proud that early adopters have chosen to build their apps and services with Evervault.

ByThe Evervault Team

Vital: The simplest API for collecting health data

How Evervault is helping Vital encrypt health data from wearable devices and at-home test kits.

ByThe Evervault Team

Manna: Building the drone delivery network of the future

How Evervault is helping Manna encrypt the data powering their drone delivery network.

ByThe Evervault Team

Encrypting the web

Defining our mission at Evervault.

ByShane Curran

The Encryption Manifesto

Eight principles for the encrypted web.

ByShane Curran

How we built the Evervault Encryption Engine (E3)

Evervault is encryption infrastructure for developers. At the core of this infrastructure is E3, the Evervault Encryption Engine. This post is about how we built E3.

ByShane Curran

Evervault announces $16.4M Series A led by Index Ventures

Evervault today announced its $16.4 million Series A round led by Index Ventures, with participation from existing partners Sequoia Capital, Kleiner Perkins, and Frontline.

ByThe Evervault Team

Evervault announces $3.2M seed led by Sequoia

Evervault today announced its $3.2 million seed round led by Sequoia Capital, with participation from Kleiner Perkins, Frontline, and SV Angel

ByThe Evervault Team