Thales Trusted Cyber Technologies   Contact Us | Careers

Documents

Virtru

Documents

About Virtru

Virtru is pioneering the shift from network-centric to data-centric security — embedding protection directly into data so mission owners maintain control wherever sensitive information is shared. The Virtru Data Security Platform is built on OpenTDF, an open standard evolved from technology developed at the NSA by co-founder Will Ackerly, and supports ACP 240, the Five Eyes-ratified Zero Trust standard for secure coalition operations. Trusted by over 6,000 public and private sector organizations — including the U.S. Department of Defense, JPMorgan Chase, and Salesforce — Virtru enables secure collaboration across classification boundaries at mission speed, with integrations across leading defense, cloud, and cross-domain solution providers. Virtru is headquartered in Washington, D.C. For more information visit virtru.com.

Solution Overview

Virtru Data Security Platform with Thales Trusted Cyber Technologies (TCT) Luna T-Series HSMs delivers end-to-end data protection with hardware-backed key security. The integration ensures cryptographic keys are generated and protected within FIPS 140 Level 3 validated hardware—eliminating software key exposure while enabling secure collaboration across classification boundaries and coalition partners.

Deployment Modes
The integration supports two modes, enabling organizations to balance operational requirements with security assurance:

  • Envelope Mode: A root symmetric key stored in the HSM wraps the Key Access Service private keys before they are stored in the platform database. AES-based symmetric key wrapping provides hardware-backed protection while maintaining operational flexibility.
  • Delegated Mode: Key Access Service private keys never leave the HSM. All cryptographic operations—including RSA key generation (2048/3072/4096 bit), data encryption key wrapping, and unwrapping—occur directly within the hardware security module. No key material is exposed outside the secure boundary.

Resources

ImageTitleLink
Solution Brief: Hardware-Backed Zero Trust for Classified Data: Virtru Data Security Platform + Thales TCT Luna T-Series HSMs
Solution Brief: Hardware-Backed Zero Trust for Classified Data: Virtru Data Security Platform + Thales TCT Luna T-Series HSMs
Download