Build, deploy and scale secure enclaves

Easily deploy Docker containers in a Secure Enclave, powered by AWS Nitro Enclaves. Enclaves offer easy deployment, invocation and attestation of Secure Enclaves without the engineering overhead.

ClientClientSecure EnclaveSecure EnclaveCode changed

Enterprise-grade security for sensitive workloads

A Secure Enclave is a highly constrained compute environment which allow you to prove that the code you've written is the code you're running. They have no persistent storage, no shell access and no networking by default.

1await evervault.enableEnclaves({
2  'my-enclave': [{ PCR8: "..." }]
4const { data } = await axios.post('https://my-enclave.uuid.evervault.com', {
5  encryptedPayload

Get started with the Enclaves Primitive

Deploy and attest your first Secure Enclave using three commands from the Evervault CLI.

Step 1


Use the Enclaves CLI to convert a Docker image to an enclave image — locally, or in your CI/CD pipeline.

~ ev-enclave build -f ./Dockerfile .
Step 2


Upload your enclave image to Evervault, and we’ll provision and scale your enclave automatically.

~ ev-enclave deploy .
Step 3


Attest and request your application using the Evervault SDK — so you can verify the code you wrote is the code you’re running.

~ curl https://my-enclave.uuid.evervault.com

Effortless deployments with provable security

Easily run sensitive workloads in completely segregated environments with heavily restricted external access.

Attest code integrity

Verify that the code you’re running is the code you wrote and signed, guaranteed by cryptographic attestation.

Full isolation

Isolate sensitive workloads from the internet, and verify that sensitive data never leaves your enclave.

Lift and shift

Easily deploy any existing Docker container into a Secure Enclave.

Hosted and managed by Evervault

Evervault manages and scales instances on your behalf. Eliminate the DevOps headache of deploying and scaling Secure Enclaves.

Elastic scaling

Configure the size and number of instances running your enclave on demand.

Compliant from the ground up

Evervault is fully compliant under PCI DSS, HIPAA, SOC 2 Type II, and GDPR. Build compliant applications in public clouds.

Adapt Enclaves for any security workflow

Enclaves can be adapted to any existing workflow that requires heightened security.

UserPerform Key OperationsEnclaveServer

Compatible with each Evervault Primitive

Primitives are building blocks for developers. They're fundamental, interoperable products for constructing any data security or compliance workflow.

Read the docs

Meet compliance requirements. Build customer trust.

Use Evervault’s flexible building blocks to keep your customers’ data secure and compliant at all times.