THE RUNTIME APPLICATION RISK EXPLAINED
Secrets-management applications contain sensitive information and are a single point of failure. Access to the master key allows access to all the keys, passwords, and secrets held by the application.
Root access to the machine running the secrets-management application allows access to the master key since it’s not protected in runtime.
The following situations create increased risk:
. Multiple admins: when organizations can’t limit the number of people with root access to the machine running these applications.
. Limited security zones: when these applications run alongside other applications that might have unknown vulnerabilities.
. Unhardened machines: when the machines running these applications are not hardened and might contain a zero-day vulnerability in the operating system that will allow someone unauthorized to gain root access.
. Public or private cloud: when the admins managing the machines running these applications and not part of the organization.
Application identity and integrity assurance
Utilizing remote attestation to verify the enclave identity helps ensure that the secrets and the secrets-management application have not been tampered with.
KEY FUNCTIONS
Runtime Application Security
Provides in-memory encryption to help secure secret-management applications in runtime (data-in-use).
Intel® SGX Memory Isolation
Intel® SGX isolates the memory used by an application from everything else including the operating system on the host machine. The data used in memory does not leave the CPU unencrypted thus even with root or physical access to the host the application is protected.
Intel® SGX Remote Attestation
Intel® SGX uses an attestation service to establish a secure trusted channel. Attestation can help verify an application enclave identity and help verify that the expected code is running in a protected enclave.
ANJUNA RUNTIME SECURITY
Your secrets-management application could be a single point of failure. If somebody hacks into the system, the keys stored in the secrets management application are exposed. Anjuna Runtime Security protects applications at runtime with a hardware-grade security perimeter, allowing any application to be deployed securely in any infrastructure, including on-prem, private, and public clouds. Anjuna Runtime Security software establishes the security boundary around the application without requiring modifications to the application or even recompilation.
Anjuna's uses Intel® SGX to create a security envelope surrounding applications that enable enterprises to deploy sensitive applications and protect the application and its data even if someone has root or physical access to the host. While technologies exist to protect data-at-rest and data-in-motion, Anjuna secures applications in runtime (data-in-use) utilizing Intel® SGX available in Intel Xeon E processors. Secured applications can be deployed in any environment and ran alongside untrusted applications on the same host. Anjuna removes the need to harden the machine and secure or patch the host, VM, or containers. Anjuna is ideal for protecting sensitive data such as secrets-management applications and enables a secure auto-unseal process without requiring an HSM.
Anjuna Runtime Security loads the application in an Intel® SGX enclave without requiring code changes or recompilation and integrates with existing DevOps automation processes.
BENEFITS
Security
Anjuna moves the security perimeter from the host, to the application itself, enabling users to deploy their sensitive applications without worrying about the security of the underlying infrastructure. It provides the so-far missing piece of securing data in-use. Even data that is encrypted at-rest needs to be decrypted in memory in order to be processed, which enables an attacker to dump the memory of a sensitive application in order to extract valuable information. Anjuna closes this gap. Specifically for secrets management applications, there is often a problem around protecting the master key in memory, where it has to be present in order to decrypt the stored secrets. Anjuna’s runtime protects the master key and the secrets in any environment, regardless of who has root access.
Flexibility
Creating a hardware-grade security perimeter around the application itself eliminates the need for rigid server security zones and minimizes reliance on HSMs. Also, removes the need to secure or patch the host, VM or container.
Simplicity
Anjuna’s solution enables a lift-and-shift migration of applications into secure enclaves with minimal training and configuration. It doesn’t require any changes in the application. The user neither needs to change anything in the source code nor even recompile the application. Anjuna’s runtime is capable of running closed source binaries in Intel® SGX. As such, it meshes with existing DevOps processes for both legacy and cloud-native environments. On top of that, Anjuna provides simple tools for verifying the authenticity of enclaves through attestation checking, provisioning encrypted data to enclaves, and monitoring the enclave operation.
Savings
Avoids rigid security zones and costly HSM infrastructure. The privacy guarantees, provided by the Intel® SGX technology and Anjuna’s software stack, unblock obstacles on the way to migrating sensitive applications to public cloud environments, since even the cloud administrator does not have access to the applications and their data, enabling great cost savings by minimizing the amount of servers deployed on-premise.
Performance
Anjuna enables moving secrests-management, which would sometimes reside on-prem due to privacy and security concerns, to the cloud. It Aallows secrets to be adjacent to applications thus o improving the overalle performance of the deployed workloads.