An approach to secrets management that goes beyond building a virtual vault
Judo protects your data that lives everywhere – on laptops, on mobile devices, in the cloud, on premise and in the wild. Judo applies a new defense-in-depth approach to protect data, control access to the data and provide complete visibility into the use of this data. Judo Security’s solution uses a patented digital “wrapper” system with dual layers of protection – one providing encryption and the second enforcing policies.
Defense-in-depth security and local control of data
Judo provides a double layer of protection – encrypting the data then shredding and storing the key used to encrypt data. Your data is encrypted and stays exactly where you put it – in a data store that you manage! Malicious actors that might gain access to the data, still needs access to the key. This requires that they hack your system and Judo’s system simultaneously, accurately reassemble the components of the key (shards) and then apply the key to the matching data. Judo’s defense-in-depth approach ensures that data in the wild is rendered unusable.
Centralized and flexible management
Judo’s solution is independent of your platform, applications, or location. Centralized data and secrets management prevents accidental exposure, avoids unauthorized use, and prevents persistence beyond their intended life. A flexible policy framework, integrates with your desired Identity and Access Management (IAM) tools, enabling easier IT and security policy compliance. A robust set of APIs, CLIs and a web-based interface allow authorized creation, storage and retrieval of data by services and users. The APIs enable integration with your DevOps tools, eliminating the need to hard code secrets or embed sensitive data, in any part of your continuous integration or deployment (CI/CD) pipeline.
Compliance and usage insights
Judo logs every action associated with data or secrets management and access. You can analyze the logs to identify which user or service accessed the data, identify changes made, and troubleshoot issues. The logs can be fed to other analytics engines for advanced correlation and anomaly detection. The logs can also be used demonstrate compliance or adherence to policies and standards.
Judo is agnostic to the architecture of the services that need to use the secrets. Whether you have client server-based application, virtualized, containers based or a server less architecture, you can easily access secrets with Judo. Judo provides a choice or combination of platforms to store the shards of your Key Encryption Key – Google’s Cloud Platform (GCP), Amazon Web Services (AWS) or Microsoft’s Azure.
Full lifecycle management and granular policy control
Judo provides the ability to create policies that govern who can encrypt data and secrets, who has access, which services can use them and from where. It allows setting timelines on key expiration and provides the ability to completely destroy keys, rendering the associated data inaccessible. Policy control parameters include IP addresses, geo-location, machine name and more.
DevOps integration and automation support
You no longer need to hard code secrets into your code, DevOps tools or Continuous Integration / Continuous Deployment (CI/CD) pipeline. A comprehensive set of APIs allow you to encrypt and or securely access data eliminating the need for human intervention or manual processes in an automation driven DevOps world.
Comprehensive logging and out of the box insights
You’ll have a comprehensive, auditable access log, to know which user or services accessed data or secret(s) and when. You will not have to spend hours trying to analyze logs, and instead have access to reports that provide critical insight, without manual manipulation. If you need access to the log data in other systems, we enable an easy export of the log data.
Scalable, reliable and highly available
Judo is a cloud native application and can easily scale to meet peak demand. Judo provides uniform global access to your data or secrets no matter what part of they world or the platform on which they might be needed.
START WITH A FREE TRIAL
Judo’s approach allows organizations to maintain control of their data, provides a low overhead cloud native approach to secure keys, ensures complete visibility into the data usage, and enables rapid multi-cloud implementation. Judo’s SaaS platform easily integrates with your current DevOps tools through open APIs.