EdgeBit Blog

Learn more about software security, encryption "in-use" and other privacy technologies from EdgeBit experts – engineers, security researchers and our product team.

By Rob Szumski, CEO & Founder • December 22, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. LastPass recently updated details on its latest security incident, in which attackers accessed cloud storage that held unencrypted customer details as well as certain unencrypted data, like website URLs, that was stored adjacent to the encrypted fields: username, password, secure notes, etc.
By Rob Szumski, CEO & Founder • November 26, 2022
The identity of your code – a cryptographic hash of it – can’t be spoofed or stolen. This is a powerful property that can make your infrastructure extremely secure. Let’s explore this concept by building up to making a request to Amazon’s Key Management Service (KMS) to return a decryption key that only a specific piece of code should have access to. At build time: calculate the expected values of our cryptographic hashes; record these into an access policy; record these into an audit trail to find code when given a specific hash. At run time: calculate the actual values; sign an attestation containing these values, anchored by a trusted party. Optional, but useful at run time: provide guarantees the environment won’t be mutated from our trusted state; provide guarantees that sensitive data can’t be read from memory by other processes; provide protection from unwanted network egress. Each of these properties is fulfilled by AWS Nitro Enclaves, a form of secure enclave like the one your iPhone contains, but on a server.
By Eugene Yakubovich, Chief Architect & Founder • November 2, 2022
Today we introduce a new open source tool, Enclaver, to aid engineers in building, testing and running code within secure enclaves, starting with AWS Nitro Enclaves. Enclaver is the start of the technological foundation for achieving EdgeBit’s mission: to empower cloud services to consume and process data securely – in a way that maintains customer control over data, without getting in the way.
By Rob Szumski, CEO & Founder • September 16, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. Details have just emerged about a devastating, wide-ranging compromise of Uber from their corporate network, VPN, Google GSuite and their production AWS infrastructure, including databases. Our last ThreatVector post covered how social engineering allowed the Twilio compromise and subsequent Signal account takeover and this situation appears to have unfolded in similar fashion:
By Rob Szumski, CEO & Founder • September 14, 2022
The rise of Software as a Service (SaaS) has unlocked an immense amount of value for enterprises and consumers alike. The cost of that value has been control over your data. With security incidents and sophisticated vendor traversal attacks (like the Aug. 2022 hack of Twilio & Signal) becoming more commonplace, the lack of control is starting to show its true cost.
Introducing EdgeBit
We’re founding EdgeBit because we believe that we can solve this problem – to empower SaaS services to consume and process data securely – in a way that maintains customer control over data, without getting in the way.
By Rob Szumski, CEO & Founder • September 14, 2022
ThreatVector is an ongoing series where we break down recent security incidents in the news to understand how they happened, how they spread and what the ramifications are for companies as they evolve their defenses. The messaging and communications giant Twilio was attacked via social engineering on August 4, 2022, with an unknown number of employee accounts being taken over but 125 customers impacted. There are a few notable attributes about this attack: