SCONE can transparently encrypt files and network traffic, and in this way it protects data from unauthorized access via the operating system, the hypervisor or any software.
SCONE transparently attests programs to ensure that only the correct, unmodified programs are executing in a genuine SGX enclave. This also prevents malware from attaching to programs.
SCONE supports curated images for many popular services like Vault, memcached, Apache, MySQL, etc.
SCONE supports secure compose files to protect secrets that are visible in Docker compose and stack files as well as Kubernetes metadata files.
SCONE executes programs inside secure enclaves, without requiring source code changes. We recommend recompiling applications, but we support executing native Alpine applications inside containers. In this way, we prevent even attackers with root access from stealing secrets from these programs.
SCONE helps to configure programs with secrets that can neither be read nor modified by attackers, even if they have already taken control of the operating system and/or the hypervisor. This is transparent to the application, i.e., it does not require any source code changes.
Co-Founder & COO, Trustworthy Systems Guru
Co-Founder, Shield Execution Expert
Co-Founder, Lead Runtime Developer
Co-Founder, Application, AI Frameworks, Blockchain
Co-Founder & interim CEO, Software Developer