
CORE Information Security
Virtualized key protection and management for code signing, transaction signing, protecting secrets vaults, and more; virtualized encryption for storage and virtual machines; and key protection and support for any application using cryptographic services.
Revolutionizing Data Encryption
Quickly encrypt VMs, databases, storage, and more across all sites with automated synchronization. Developer-ready, expert-grade tools to secure data in applications.
Use Cases
Infrastructure and App-Level Encryption
Encrypt common databases using TDE, virtual machines, secrets vaults, and storage encryption tools. Leverage CORE with any standard library (PKCS11, CNG, KMIP, JCA, OpenSSL, etc.).
Tokenization and Masking
Tokenize PII and credit card numbers in a way that preserves their exact format – and use existing applications and SaaS services without exposing plaintext data to them.
Code Signing
Securely and seamlessly sign code – even for high-security EV certificates. Software-only.
Key Features
Scalable
& Flexible
& Flexible
No matter what the use case, CORE can scale up or down according to your enterprise needs.
Transparent &
Seamless Integration
Seamless Integration
Completely transparent and easily deployed without disrupting the existing workflow of applications. Supports all industry-standard HSM and Key Management APIs, as well as all standard cryptographic algorithms.
Easy Operation &
Automation
Automation
With CLI and REST APIs included, you can fully automate system installation, deployment, ongoing operation, and management -- saving you and your team from spending precious time on labor-intensive tasks.
Cryptography for the
Modern IT
Modern IT
Unbound Key Control is future-ready, so your cryptography infrastructure can be too.
Unbound provides a crypto-agile system that ensures you will be up and running the latest crypto, with update cycles measured in days to weeks -- not months or years.
Secure
Administration
Administration
Unbound CORE allows you to customize granular admin authorization and access management policies in multiple ways. For example, you can define a minimum number of admins who must work in unison on high-security operations. Or add another layer of access security at the application level, in addition to server authorization.
Context-Based
Auditing
Auditing
Get the full details of every decrypt or signing operation in real-time whenever a key is used. Receive detailed logs that include operation type, date and time, the servers from which the request was made, and the authorizing users. The logs can be exported to third-party tools, such as SIEM.

See CORE in Action
Unbound Key Control Technology Integrations
We’ve partnered with the leading technology companies to bring
even more control and visibility into your cryptographic arsenal.


Apache
Unbound protects the private keys of the Apache SSL certificates.


Amazon Web Services (AWS)
Unbound protects the cryptographic material within its secure boundaries, while supporting BYOK to AWS.


Axoni
Unbound provides key management support for Axoni.


Microsoft Azure
Unbound has launched the first Cloud vHSM and Key Management solution on Azure Marketplace. Additionally, Unbound protects the cryptographic material within its secure boundaries, while supporting BYOK to Azure.


Cryptomathic
Unbound acts as a vHSM, protecting the cryptographic material used by the Crypto Service Gateway control center.


CyberArk
Unbound protects privileged accounts of CyberArk Privileged Access Security ensuring that the keys that protect user credentials are never kept whole.

DigiCert
Unbound automates the certificate generation process while safeguarding the private key of the certificate.


Docker
Unbound can be used to sign Docker containers.


Enveil
Unbound shields the cryptographic keys used by Enveil data-in-use, ensuring that nothing is ever revealed during the entire processing lifecycle.



Google Cloud Platform
Unbound integrates with GCP's external key manager, allowing for full protection of GCP keys throughout the operation lifecycle.


HashiCorp
Unbound protects the HashiCorp Vault master key, allowing automatic unsealing and seal wrapping.


Hyperledger Fabric
Unbound's NextGen Key Orchestration Platform provides key management for enterprise blockchain providers using Hyperledger Fabric.


IBM
Unbound secures the encryption keys used for IBM DB2 TDE (transparent data encryption), protecting data "at rest". Additionally, Unbound logs can be parsed and viewed using the SIEM capabilities of QRadar.


Java
Unbound protects application keys and acts as the cryptographic provider for Java applications.


Jetty
Unbound protects Jetty app server's TLS keys.


MacOS Signing
Unbound's Enterprise Code Signing application, built on UKC, can be used to sign MacOS and iOS code.


MarkLogic
Unbound secures the encryption keys used for MarkLogic DB, protecting data "at rest."


McAfee
Unbound safeguards the encryption keys used by McAfee Skyhigh CASB for uploading encrypted data to the cloud.


Microsoft
Unbound is safeguarding the user Active Directory credentials used for 2FA.
Microsoft SQL Server
Unbound secures the encryption keys used for MS SQL TDE (transparent data encryption), protecting data "at rest."


MongoDB
Unbound secures the encryption keys used for MongoDB TDE (transparent data encryption), protecting data "at rest."


NetApp
UKC protects NetApp encryption keys.



NginX App server
Unbound protects NginX app server TLS keys.


OpenSSL
Unbound OpenSSL engine enhances storage and retrieval of cryptographic keys, by protecting them as split key shares instead of as whole key material.


Oracle Database
Unbound secures the encryption keys used for Oracle TDE (transparent data encryption), protecting data "at rest."


Ownera
UKC protects Ownera blockchain keys.


PrimeKey
Unbound secures the PrimeKey EJBCA Root CA private keys, protecting the PKI environment.


Python
Unbound protects application keys and acts as the cryptographic provider for Python applications.
Quorum
UKC protects Quorum blockchain keys.


Salesforce
Unbound protects the cryptographic material within its secure boundary, while supporting BYOK and HYOK with Salesforce.


ServiceNow
Unbound protects the cryptographic material within its secure boundary, enabling to perform edge encryption with ServiceNow.


Splunk
UKC is integrated into Splunk for auditing operations.


Symbiont
UKC provides key protection for Symbiont blockchain keys.


Thycotic
UKC protects Thycotic master keys.


Venafi
Unbound UKC and Venafi's TPP integrate to protect machine-to-machine communications and machine identity using MPC-based technology.


VMware
Unbound defends the cryptographic keys used for VM encryption at the vCenter and vSAN.
Learn More

Introducing Unbound CORE: Cryptographic Orchestration Reimagined for the Enterprise
It is with great pleasure that we announce the Unbound CORE platform, our next generation solution offering that delivers comprehensive cryptography orchestration for enterprises. This new offering marks a major s...

More Attacks, Higher Burnout: The Toll of Decentralization on the Cybersecurity Industry
Cybersecurity professionals not only have to worry about the increase in security breaches and attacks that have dominated the news in recent weeks; they must also contend with the persistent feeling of not doing ...
Unified Management and Protection of Your Information
No matter where you encrypt or store your keys, CORE has you covered.
