Isolate your entire cluster for maximum security

Constellation is the most secure way to run Kubernetes. It leverages Confidential VMs available in all major clouds to isolate and encrypt all of your workloads end-to-end. From the inside, a Constellation cluster feels 100% like Kubernetes as you know it. But for everyone else, from the outside, it’s runtime-encrypted VMs talking over encrypted channels and writing encrypted data. Sounds like magic?

Until now: infrastructure-based threats

CloudCloud provider andinfrastructure-based threatscan access your data.

With Constellation: fully isolated Kubernetes...

CloudYour Kubernetesdeployments are runtime-encrypted and shieldedfrom the infrastructure

...that runs any container securely and at scale.

Security experts and cloud architects love Constellation

Kubernetes meets Confidential Computing

Constellation solves the "trust problem" of the cloud

Why do we need a confidential public cloud?

Set up Constellation in minutes

With an easy-to-use Command Line Interface (CLI), a new Confidential Kubernetes cluster is up and running in minutes.

Constellation vs. existing confidential VM Solutions

GKE/AKS with confidential VMsConstellation
Runtime encryptionincludedincluded
Full cluster attestationnot includedincluded
Confidential networkingnot includedincluded
Confidential storagenot includedincluded
Confidential key managementnot includedincluded
Cloud agnostic / multi-cloudnot includedincluded

Embark into the future of cloud security

Get in touch to schedule a personal demo and see Constellation in action.