Data encryption designed for modern threats

The most effective and efficient way to protect sensitive application data

Ubiq’s API-first approach is the easiest and most effective way to protect sensitive data from unauthorized access or exposure.

How Ubiq can help you

Automate secure key management

Efficiently manage key lifecycle and algorithm usage, and leverage FIPS 140-2 compliant HSM key storage.

Enable rapid compliance

Encrypt application data by default, with full audit and logging capabilities in a single dashboard.

Get started in minutes

Integrate application-native client-side encryption into your applications in minutes, without having to restructure your storage infrastructure.

Reduce the risk of data theft

We enable you to encrypt data within your application infrastructure, so attackers, insider threats, cloud providers, and not even Ubiq have access to your data or keys.

Protect any data type

Encrypt structured or unstructured data, wherever it lives - databases, data warehouses, files - on-premise or in the cloud.

Integrate into any application type

Integrate encryption into mobile or IoT, front-end, mid-tier, or back-end application architectures with ease and flexibility.

How to get started

Create a free account and register your application in minutes.
Retrieve your API keys and download your language-specific client library.
Add a few lines of code to call encrypt() or decrypt() methods where your application needs to encrypt or decrypt data.
No other changes to your application or how and where you store data. And your data never leaves your environment.

Into the future of encryption

An efficient, effective approach to protecting sensitive application data.

10 min

to go live

9 languages

supported

ubiq = require('ubiq-security' 1.0.5)

const credentials =
    new ubiq.Credentials('T31i/+eZAsURqVOO/0WfkGqd',
                         'GyPujOPlRcQu+uF7sZchT0c1BsUMkyqcIlz0ss3FhciS',
                         'AkQ9vGDsUhZPHk+YUSekFEJSP0XzKouEpfMIt6ZvmEfd')

plaintext_data = 'ABC'

encrypted_data = await ubiq.encrypt(credentials, plaintext_data)
console.log(encrypted_data.toString('base64'))

decrypted_data = await ubiq.decrypt(credentials, encrypted_data)

Stop figuring out crypto, start writing code.

We obsess over hiding away the complexity and intricacies of encryption and key management through elegant abstractions, so you don’t need to spend months developing and rolling out your own crypto or the time, money and resources acquiring, deploying, and managing encryption tooling.

Identification and Authentication Failures

An attacker performs a credential stuffing attack to gain access to privileged accounts and plaintext data.

A07:2021 – Identification and Authentication Failures
Broken Access Control

An attacker modifies an access control check or metadata to get access to privileged accounts and plaintext data.

A01:2021 – Broken Access Control
Injection

The use of a blind trust application framework allows an attacker to exploit a vulnerable query and get access to plaintext data.

A03:2021 – Injection
Insider threats

An employee with (database, cloud, etc.) admin access can easily access plaintext data.

Supply chain attacks

Your cloud provider suffers a security breach, which grants attackers access to plaintext data.

Advanced attackers

You suffer a security breach, and the attackers compromise (database, cloud, etc.) admin credentials to access plaintext data.

Frequently asked questions

1. Can I create multiple API Keys for a single application?

Yes. Every API Key can encrypt or decrypt the data associated with its Registered Application (which has its own unique Master Encryption Key). We recommend using separate API Keys for each service or host that needs to interact with a given encrypted dataset and creating different Registered Applications for each encrypted dataset. For instance, if you use the Ubiq Platform to encrypt user database records in a web application, each back-end host should have and use a unique API Key. We strongly recommend that you create a new Registered Application for each unique application or dataset you’d like to encrypt data for.

2. What encryption algorithms do you currently support?

We currently support AES-256-GCM and AES-128-GCM, with more algorithms coming in the future. Please contact us if you have specific needs and we can work with you to include them.

3. What is your standard key rotation policy? Can the key rotation policy be customized?

By default, keys are rotated annually. It can be adjusted to 3, 6, 12, 18, 24, or 36 months on a per-Master Encryption Key basis.

4. Are your APIs REST based?

Yes. The Ubiq API is organized around REST. Our API has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.

More FAQs

Setup is quick and easy

Uplevel your data protection. Integrate in minutes.

Create a FREE account instantly and start encrypting data or get in touch to discuss a custom package for your organization.