Hopr WoSP Advantages and Benefits

Devs, DevOps, and Platform Engineers struggle with implementing application networks that must securely share data between Kubernetes clusters and across cloud environments.

Hopr has developed a “first-of-its-kind” Workload Security Proxy (WoSP) to ease the friction and improve the security of networking containerized workloads across all cloud environments. This video explains the important advantages and benefits of waWoSPs that are possible because of unique cloud native innovations.

A WoSP is a small lightweight container that is deployed as a sidecar to a host workload, such as an application running in a Kubernetes environment, but it could also be used with a containerized IoT device.

WoSPs deliver many advantages and benefits over conventional application networking, but at a high level WoSPs: Simplify application networking; Reduce cyber risk; and Increase cyber resilience. And they are future ready and future proof for the cloud.

The following summarizes the advantages and benefits.

The Hopr WoSP uniquely decentralizes identity and secrets management, reducing the reliance on conventional cloud and third-party services that add management overhead, cost, and complexity. This eliminates the boundaries of conventional central identity solutions, which constrain transport layer encryption and force its termination or complicate the transfer of data across the boundaries.

Wasps eliminate the complications from conventional identity trust boundaries and simplify connections between applications in any cloud anywhere. Data can be easily shared without regard for the existing transport layer encryption boundaries.

WoSPs have the unique capability to recognize untrusted connection attempts and reject them before the untrusted sender accesses an API endpoint with a stolen API key.

The next advantage is an identity credential, called a MAID, that enables trust verification of every workload at the start of a communication session. As workload communication sessions occur, a chain of trust in the workload is built.

Another wasp advantage is the use of symmetric encryption only, which means that the WoSP is not vulnerable to quantum computing attacks, a future problem with ever-increasing risk. And end-to-end encryption occurs without exchanging the symmetric key.

WoSPs can also network applications in different clouds or organizations (third parties) that are part of a digital ecosystem. Hopr's Kerberos for the Cloud protocol verifies identity trust verification of authorized third party workloads before a communication session is permitted. If the identities of the two wasps are trusted, they receive a CHIPS algorithm for their direct secure communication session.

WoSPs provide an important cyber risk and resilience benefit to the fight against sophisticated, advanced persistent threats (APTs) that can penetrate network defenses and operate undetected. WoSPs disrupt APT attacks by hopping the identity credential and ephemeral encryption key at a high frequency. The hopping creates an automated moving target defense (AMTD) that prevents attackers from finding and abusing workload access credentials.

WoSPs are much simpler to configure and deploy than conventional application networking solutions that involve trial and error implementations and are difficult to maintain. WoSPs use a simple, DevOps-friendly process that eliminates the need for complicated integration and code changes necessary to accommodate external centralized cloud managers.

Hopr WoSPs are an ideal fit for cloud application networks that operate in high risk industries such as financial services, healthcare IT, critical infrastructure, and national defense. The cloud native containers enable on-demand, quantum proof, ultra-secure, application networking with verified trust across all cloud environments.

https://hopr.co