Vault:
app-level encryption as a service

Powerful APIs and controls to encrypt and decrypt customer data in minutes. Easily scale your data security over different databases and applications.

Trusted by

Benefits

Let us do the heavy lifting

Encryption

Forget about cryptography algorithms and certificates

Searchable encryption

Search over fully encrypted data with exact and partial matches

Key management

Stop managing keys, it’s now automatic and transparent

Key rotation

Rotate encryption keys with one API

Keys access

Enforce granular access controls in an easy and centralized manner

Performance

Perform thousands of encryption and decryption requests per second

Simplicity

Manage everything using a friendly dashboard

Activity

All operations are audited and recorded to logs

Affordable

A cost-effective turn-key solution, pay as you grow

Beyond encryption

Piiano Vault is everything you need to safeguard data

Access properties depending on policies or code

Set automatic data expiration policies

Create transformations for runtime data processing

Use automatic or proprietary data masking

Problem

Storing sensitive customer data in plaintext is risky

Databases aren't secure. They are designed to make data accessible and are leaving data exposed to attackers and non-authorized employees.

Solution

R&D chooses the storage technology - AppSec owns the data access gateway

Piiano Vault uses encryption to consolidate data access throughout your backend architecture.

Process

Encrypting and decrypting customer data securely

Step 1

Create a free Vault account

Step 2

Create a collection and use either a defined data schema or just a blob to throw in anything

Step 3

Use the encrypt API to encrypt the payload

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

 <dependency> <groupId>com.piiano.vault</groupId> <artifactId>hibernate-encryption</artifactId> <version>0.9.0</version> </dependency>

curl --request POST \
    --url 'http://localhost:8123/api/pvlt/1.0/data/collections/customers/encrypt/objects?reason=AppFunctionality \
    --header 'Authorization: Bearer pvaultauth' \
    --header 'Content-Type: application/json' \
    --data '[
  {
    "object": {
      "fields": {
        “Name”: “john doe”,
        "Email": "john@hotmail.com",
        "SSN": "123-12-1234",
        “DateOfBirth”: “1991-05-06”
      }
    }
  }
]'

Step 4

Use the decrypt API to decrypt the payload