OBLV Deploy

Invisible Security Infrastructure for Processing Data

Launch your application within secure enclaves using our plug-and-play privacy infrastructure in an environment that no one outside can access. Not even us.

At a Glance

OBLV Deploy is a confidential computing runtime built for enterprises looking to deploy their services with enhanced security and trust for their users. Confidential computing offers a range of advantages to those building services related to:

Data Collaboration

Data remains protected during processing, which enables secure collaboration between departments, organisations, or across different sectors.

SaaS Deployments

Establish instant trust in your SaaS relationships with our real-time security assurance through trusted security infrastructure.

Leveraging the Cloud

Transition effortlessly from on-prem to the cloud, maintaining the highest security and compliance standards.

Packaging for Cloud Marketplaces

Safeguard your intellectual property by deploying AMIs within secure environments that ensure your IP remains protected.

How it Works

Secure Enclaves by AWS Nitro

Deploy applications in a Trusted Execution Environment supported by best-in-class AWS Nitro Enclaves isolation technology.

Cryptographic Handshake

A cryptographic handshake creates a secure, undisclosed channel of communication from a computer to the enclave, authorising the user and validating that the enclave is doing what it is expected to do.

No Prying Eyes Looking at Your Data

Your APIs remain opaque at runtime with extremely limited input and output within secure enclaves, maintaining true end-to-end encryption.

Attestation Documents

Enclaves allow you to request attestation documents signed by the underlying infrastructure. These are signed documents of the hashes of all of the source code and the environment running inside.

Security Beyond Compliance Certificates

What’s Assured?

Attestation

By utilising infrastructure attestation, confidential computing validates virtual machines and verifies the legitimacy of your connections. This process guarantees that the secure enclave has not been tampered with and runs the expected code.

As a result, you can confidently verify the identity and integrity of the environment before proceeding with data exchange or processing, assuring the authenticity of your connections.

Isolation

In confidential computing, your data and code are safeguarded within a secure enclave, separate from the main operating system and other applications. This ensures that your critical applications remain protected, even for users with administrative privileges on the host machine.

The independent CPU and RAM, as well as limited communications over virtual sockets, maintain the confidentiality of your critical applications, providing unparalleled data security.

OBLV Deploy Approach

Simplify the confidential computing VM paradigm by running the same custom boot system internally. We dynamically pull the desired services into the confidential computing VM at runtime.
This allows us to manage:

Supervision & Control Flows

Obtain explicit verification of data flow with top-tier security tools and strict firewall control.

Attested TLS

Secure end-to-end communication channels by leveraging the attestation document instead of the certificate authorities.

Intuitive Attestation

Ensure consistency with static VM deployment and eliminate the need for client-confidential computing environment communication. What you see (the container you wish to connect to) is verifiably what you get.

Orchestration

Standardise VM interfaces for seamless integration with Kubernetes, like any other pod in the stack.

Features

How We Compare

The additional features of OBLV Deploy address crucial challenges that standard computing environments miss to ensure seamless integration, scalability, adaptiveness, and ease of use.

Standard Enclaves

Isolated Runtime
Attestation document
Attested TLS
Controlled Outbound Connections
Container Digest Controls
No Modification to CI/CD Pipeline
No Modification to Development
Customisable Authentication
Autoscaling
Sticky Sessions

OBLV Deploy

Isolated Runtime
Attestation document
Attested TLS
Controlled Outbound Connections
Container Digest Controls
No Modification to CI/CD Pipeline
No Modification to Development
Customisable Authentication
Autoscaling
Sticky Sessions

Standard Enclaves

Isolated Runtime
Attestation document
Attested TLS
Controlled Outbound Connections
Container Digest Controls
No Modification to CI/CD Pipeline
No Modification to Development
Customisable Authentication
Autoscaling
Sticky Sessions

OBLV Deploy

Isolated Runtime
Attestation document
Attested TLS
Controlled Outbound Connections
Container Digest Controls
No Modification to CI/CD Pipeline
No Modification to Development
Customisable Authentication
Autoscaling
Sticky Sessions

The Three Components of OBLV Deploy Infrastructure

AWS Nitro Enclaves

Secure enclaves create an isolated environment to protect your data while they’re being processed.

Kubernetes Operator

Manages the enclave lifecycle and orchestrates the deployment of your applications according to the specifications you provide in the deployment manifest..

OBLV CLI

Command-line tool to securely connect to and attest the enclaves from your machine and verify exactly what is running inside.

Get in Touch

Book a Demo

Do you want to know more specific information or see OBLV Deploy in action?
Contact our team to show you what it can do for your business.

Frequently Asked Questions

What’s the difference between OBLV Deploy and Antigranular Enterprise?

OBLV Deploy is made for businesses looking to deploy applications in a secured computing environment. AGENT is for organisations who want to enable data scientists and machine learning models to work and collaborate on sensitive data without compromising individual privacy.

How do you guarantee security on the cloud?

OBLV Deploy guarantees the source code and the environment of containers by leveraging secure enclaves. Enclaves are servers with two main properties: strong isolation enforced by a combination of hardware and software measures as well as attestation. This ensures data security and privacy while providing transparency about how it is processed.

How is OBLV Deploy different from other similar products?

OBLV Deploy is a unique confidential computing environment that does not require modification to your development process or CI/CD pipeline. It makes working with confidential computing easy and intuitive while offering strict supervision and control flows of data.

Do you have a spec sheet for OBLV Deploy?

Yes! Contact us via the website form and we’ll send you a detailed spec sheet for OBLV Deploy. Our tech team is also happy to provide a demo of the product.

What is confidential computing?

Confidential computing is used in various sectors to secure sensitive workloads. In financial services, it can secure transaction processing, preventing unauthorised access to sensitive financial data during computation. It can protect...Read more

How does confidential computing enhance cloud security?

Confidential computing significantly boosts cloud security by creating secure, isolated environments for sensitive data processing. This is accomplished using Trusted Execution Environments (TEEs), which encrypt data in use, thereby...Read more

Find answers to more common questions in our FAQs section

Solutions

Resources

Community