Cages
Cages are the easiest way to build, deploy and scale Secure Enclaves. Go from a Dockerfile to an AWS Nitro Enclave in 15 minutes.
Build, deploy, attest.
Get all of the benefits of Secure Enclaves with none of the headaches. evervault abstracts away the hard parts of running code in a Secure Enclave, without disrupting your workflow.
Build
Use the Cages CLI to convert a Docker image to an enclave image — locally, or in your CI/CD pipeline.
Deploy
Upload your enclave image to evervault, and we’ll provision your enclave automatically.
Attest
Attest and request your application using the evervault SDK.
Trust from the ground up
Open Source
Security by obscurity doesn't cut it. All Cages are auditable and transparent by default. Cages run without any proprietary agents, runtimes or libraries.
Available on GitHub
Secure Enclaves with batteries included
Secure Enclaves are the best way to guarantee your code hasn’t been tampered with. With Cages, you can process your most sensitive data in a Secure Enclave and keep it encrypted by evervault end-to-end.
Reduced Threat Vectors
Protect applications from malware, memory scraping, hypervisor, and container breakout attacks with a hardware root of trust. Cages bring fine grained access control to data being processed by an application, its memory and runtime state.
Protect Data in Use
Specialized hardware combined with remote cryptographic attestation protects data from internal bad actors, nation states and cloud providers. Cages bring the highest level of application security to sensitive data.
Confidential Machine Learning
Use Cages for Machine Learning inference to encrypt the inputs and outputs of a model. Securely share outputs with third-parties while guaranteeing the integrity of input data.
Fully Attestable
Attestation lets you prove the integrity of code running within a Secure Enclave. With Cages, attestation is as easy as trusting a TLS server through Attested TLS (aTLS). Verify your code hasn’t been tampered with before sending it any sensitive data.
Hosted and Managed by evervault
Cages run in AWS Nitro Enclaves on Evervault’s infrastructure. Forget about provisioning EC2 instances, implementing routing, or scaling your service.
Compliant from the Ground Up
evervault is fully compliant under PCI DSS, HIPAA, GDPR and SOC 2. Use Cages to run compliance-bound workloads on sensitive healthcare or financial data.
Compatible with any Stack
Cages can be built and deployed from any Docker container, and can be written in any language. Built on Docker, Cages simply need a TCP server running inside your container to accept requests.
Integrated by Default
Cages let you take advantage of Evervault’s encryption platform from within your Secure Enclave. evervault-encrypted data is decrypted when it enters the enclave, and the in-enclave encryption API gives you full flexibility to encrypt and decrypt.
Scalable from Zero to Infinity
Cages are designed with the most intensive workloads in mind, and can be scaled from one instance to many depending on your requirements. Load balancing is handled automatically by evervault.
esbB/Ba8P iYTMp /DR pYx yW+7 DR77M M6 NWUOJ3 Hb6hO1Gpg
Secure your most sensitive workloads.
The best companies go above and beyond when securing their sensitive data. Join the Cages beta to give your customers best-in-class security without the hassle.