Evervault Payments is our secure payments configuration that allows you to collect and share credit card data from your customers or third parties, while minimising your compliance requirements under PCI DSS.
We've redesigned our docs! ✨
We’ve built them to be as developer friendly as possible, allowing you to get up and running with Evervault Encryption in less than 5 minutes.
🧵Cryptography doesn't have to be abstract and complicated. It can be intuitive.
By visualising Shamir's scheme,
@nuggimane
teaches us how to securely share a secret.
We’re thrilled to partner with
@Unbanx_app
to keep their members’ sensitive data safe.
By using
@evervault
,
@Unbanx_app
ensures users’ banking data is always encrypted while still being able to process it internally and securely create the
@Unbanx_app
opt-in data products.
We’re excited to work with
@mybridgecard
to protect their users’ data.
Bridgecard merges your cards, bank accounts and fintech wallets into one card and app.
We helped Bridgecard fast-track PCI DSS compliance with our integration to remove sensitive data from their environment.
This code encrypts itself using the Evervault SDK. It is the encryption equivalent of a Quine!
If you're interested in encryption, you can sign up for Evervault at .
Our mission is to encrypt the web.
The only way to do this is to make encryption easy to integrate and hard to get wrong.
That's why you can encrypt your first string with Evervault in less than five minutes.
In this video,
@arcurn
shows you how.
December can be a slow month. But it can also be a time to speed up. We’re doubling down on developer experience (DX) with a commitment to ✨DXmas✨. In the spirit of the festive season: we’re making a list, checking it twice and putting it in Linear 🎅
In our latest guide, you can build an app that takes in a sensitive medical image, in this case, a brain scan, and run an AI model on it within a secure enclave.
It makes for a cool demo, but it also has real-world impact for medical data 🧵
"As a decentralized identity service, privacy is at our core. We need to ensure that our users’ plaintext data is never exposed, including to us. Evervault enables us to do this simply and quickly." —
@identity
Have you been naughty or nice this year? We’re sending lovely chocolate-y holiday gifts to some lucky Evervault users. Enjoy your
@beanandgoose
treats!
Product engineer
@Deirdre__Cleary
has created a demo to show how you can use our
@nodejs
SDK to encrypt sensitive data and run a simple function on that data - all in less than 90 seconds!
We’re delighted to be working with
@ZelusWallet
— a crypto and NFT wallet which focuses on user-friendliness as a core design principle.
With Evervault, Zelus will ensure that their wallet holders’ sensitive data remains encrypted while not storing any users’ keys themselves.
In less than 4 minutes, learn how to reduce your PCI DSS compliance scope, so your team spends less time becoming compliant, and more time building your business.
@arcurn
We're delighted to have been an early design partner for AWS Nitro Enclaves.
Nitro Enclaves provided us with the most advanced and robust trusted execution environments (TEEs) to start building our encryption engine (E3) with.
Read about E3 now:
In this demo, Evervault encryption architect
@Mikie_L
shows you how to create a sign-up form that encrypts incoming data using Evervault,
@nextjs
and
@MongoDB
.
Try the demo yourself here:
What’s the best way to share data?
1) Store it on a floppy disk and seductively toss it across the room (pictured).
2) Use Outbound Relay to share encrypted data with a third party API
1/5 This week’s post in the How We Built Cages series covers deployment — uploading, building, and finally deploying an Enclave Image File with the code needed to connect to and communicate with the enclave. It’s a complex process, but Cages simplifies it:
Nobody dreams about PCI (except maybe our head of compliance
@johthn
), but it doesn’t have to be a nightmare either. Get PCI compliant in days, not months (and save up to $100k).
When a potential latency problem with our encryption engine surfaced, we had to act fast.
@nuggimane
goes deep in this post on optimizations and how load testing tool
@artilleryio
was key:
Investigative journalism is a keystone of democracy.
@Legitimate_app
, leveraging
@evervault
, allows journalists to protect their sources — even if threatened by state actors.
Here’s how to encrypt a string [name], and then run a simple function [number of letters in the name] with the Evervault Python SDK, in less than 90 seconds.
@Deirdre__Cleary
shows you how.
Evervault is made up of four fundamental Primitives, designed to secure sensitive data anywhere in your stack.
Primitives are building blocks for developers. Fundamental, interoperable products for constructing any data security or compliance workflow.
Learn more below 👇
1/3) Last week, we launched DXmas: a company-wide initiative to improve the developer experience on Evervault. The road to great DX is paved with pull requests, and here’s an example of one we just shipped:
🎙 ICYMI -
@arcurn
interviewed
@TrustVanta
Security Lead,
@itsRobPicard
. If you're trying to build a security team, take a look to get some words of wisdom.
News: We're excited to announce that we've achieved compliance with PCI DSS.
Customers can encrypt cardholder data with Evervault and reduce their PCI DSS scope to the simplest method of PCI DSS validation
Learn more here:
Securing your sensitive data and workloads in the cloud using secure enclaves holds great promise, like ending data breaches for good, but historically building these systems has been difficult, requiring specialized hardware and domain-specific knowledge.
Process encrypted data with Evervault Encryption using secure serverless functions. Watch
@e_power_moran
show how you can run Functions locally and encrypt strings using the Evervault CLI.
Signing your application isn’t always enough, and code attestation is the solution. Find out for yourself →
In our latest blog post,
@nuggimane
explains what code attestation is, how it enhances communication security, and why it needs to be easier.
Learn how we optimized service discovery for Evervault Enclaves.
@DonalTuohy
explores the journey from AWS Cloudmap to Consul, offering a deeper look into the technical challenges and the benefits of the transition.
November Product Updates are here!
1️⃣ Data Policies: fine-grain access control for encrypted data
2️⃣ Scale Cages via the public API
3️⃣ Autofill payments with Google Pay for Android
What do the Danish Sugar Beets Auction, Apple password warnings, and Estonian Tax Board have in common? A technique that’s yet to realize its global potential (and for good reason).
Learn how we redesigned Enclave egress networking with iptables in our latest blog post. We removed DNS spoofing and SNI routing to create a more extensible and TCP protocol-agnostic solution.
Attestation is a key part of using secure enclaves. Here’s how attestation checks work with Cages along with potential attacks and how we protect against them:
We partnered with
@prescientsec
to be one of the first companies to achieve PCI DSS v4.0 status.
We cover how we use
@Yubico
, to ensure an additional layer of security provided by the YubiKey U2F / Fido2 as an authentication mechanism.
In cybersecurity, trust is a relative measure.
Confidential Computing is challenging traditional notions of trust, providing verifiable security for sensitive data with the power of TEEs.
Learn for yourself how data security is evolving:
🎙️Decrypt Ep2: Join
@arcurn
and this week’s guest,
@itsRobPicard
, security lead
@TrustVanta
as they decrypt what it's like to run security at a leading security and compliance company.
New: Understanding Quantum Cryptography
This post is a brief primer on quantum cryptography and quantum cryptanalysis.
A short thread on what we cover:
How can you trust that your code and data running in a secure enclave are protected?
Verifying your enclave's trustworthiness is possible through a process called cryptographic attestation. Evervault engineer
@LiamPTFarrelly
walks you through it:
1/4: Recent changes to Australia's Privacy Act 🇦🇺have increased fines for data breaches. Are you aware of the new Act and what actions you need to take to ensure compliance?
Academic writing isn't always boring.
When the cryptographic community suspected the NSA had put a backdoor in NIST's Data Encryption Standard, they embarked on an academic crusade to prove it.
Discover the story for yourself in our latest blog post:
Today, we’re excited to share some of what we’ve been building
@evervault
.
We’re building encryption infrastructure for developers.
At the core of this infrastructure is our encryption engine, E3.
A short thread on E3:
While building Enclaves, our take on
@awscloud
Nitro Enclaves, we encountered several unexpected challenges. Today’s focus: unexplained clock drift.
How did
@hanneary
and the team address this? Periodically poll the EC2 host time.
Check out how.
Developer documentation is often severely underutilized.
For many products, good docs are the difference between success and failure.
By applying four simple principles, you can improve your docs by an order of magnitude:
🧵
Our latest feature Relay Redaction, allows you to use LLMs while protecting sensitive information.
To showcase the use case
@Ecmoy
has built an app that categorizes support tickets using the OpenAI Chat Completions API while automatically redacting PII.
Evervault Inputs allow you to collect and encrypt card details and process payments across multiple Payments Service Providers, like
@Checkout
and
@stripe
.
Watch the video and fork the Replit to try it yourself:
LLMs are everywhere, but to use them you relinquish privacy and security. One way to utilize the power of language models while ensuring the protection of PII and prompt data is by running one in a secure enclave.
Learn how to run GPT-2 in a Cage:
From financial transactions to medical records, sensitive data requires the utmost protection. Discover how a Trusted Execution Environment (TEE) can help safeguard your data from potential attacks.
Write, test and deploy in minutes.
Easily process encrypted data using serverless functions in Node.js or Python. Functions can also be invoked from any language via an HTTPS request — regardless of your architecture.
“If my crypto wallet gets hacked, the potential loss is the total funds in the wallet. In my case, this isn’t much, but for some this could be thousands or millions of dollars worth of virtual currency."
What is sensitive data? Here’s a quick guide to understanding what classifies as sensitive user data and how to navigate the requirements to handle and protect it.
Too often, security teams strictly focus on protecting resources from attacks, but not inhibiting attacks should they occur. A new paradigm, ATAF (Access To, Access From), can help tackle that.
🌟Customer Spotlight: Ness🌟
Ness, a US-based fintech innovator, offers a health and wellness card that incentivizes members to spend and live healthily. They use Evervault for PCI Compliance which allowed them to launch quickly and 60% cheaper than their alternatives.
@nuggimane
P.S. Our new Cages product will allow you to not need to trust any server, not even Evervault. If this sounds interesting to you we're currently doing beta access!
Implementing encryption can be daunting. It’s hard to know where to start, and there are many questions to consider.
These seven steps walk you through everything you need to know to implement encryption successfully:
🧵
If you’ve heard the phrase “shift left” in the DevSecOps world, you might be wondering how encryption fits into the paradigm. Head of Compliance
@johthn
explains how they fit together and what needs to happen to enable this change:
Your website, as the place where your users first interact with your products, should be intentionally designed to maximise their developer experience.
@NevFlynn
is currently rebuilding our website using these 3 principles:
🧵
Data breaches are on the rise. To stay protected in 2023, implement these:
1. Encryption for sensitive data
2. Regular software updates
3. Multi-factor auth
4. Data backups
5. Phishing awareness training
What else will you do to keep your users safe?
🌟Customer Spotlight:
@hq_swan
🌟
Swan provides AI-powered virtual fitting rooms to retailers, allowing shoppers to try on garments virtually. Shoppers simply upload a short video of themselves in tight-fighting clothing. Swan fully encrypts the videos with Evervault’s file