Cape logo

Keep Your Data Confidential

Encrypt Everywhere. Process Only in Secure Containers. No Key Management Required.

Try Cape for FreeRequest More Info
$ cape encrypt cat.png > encrypted.png
$ cape deploy mobilenet
> Success! Deployed mobilenet to Cape
$ cape run mobilenet -f encrypted.png
> 98% cat. 1% demon. 1% other.

Protect Your Users' Data

Encrypt sensitive and regulated data at the point of entry and keep it protected even during processing

Protect Your Code

Deploy functions containing proprietary algorithms, models, and secrets while keeping your intellectual property confidential

What happens in Cape, stays in Cape

With Cape, your data and your code are encrypted in a way that can only be processed within one of Cape's secure enclaves. Cape’s secure enclaves are isolated compute environments, with no storage, no networking, and no shell access. No one can see what a secure enclave is processing. Once your function runs, the result is encrypted, and the enclave is destroyed, leaving no trace of the data or code even in memory.

Learn about enclaves

Built for Developers

Encrypt, Deploy, and Run

Cape empowers developers to build secure applications which protect the underlying data and code from the cloud.

Read the docs

Encrypt Data

Use Cape to easily encrypt data of any type including images, audio, video, and text. Cape handles the encryption protocols, and key management for you. And, better yet, encrypting with Cape is fast, and runs offline.

$ cat data.txt
> Hello! How are you on this fine day?
$ cape encrypt -f data.txt
> cape:f00f3466fc73d2880088f5dd4f92b988cf5ab437b701afe63e874b1833539af453907c0a9b13d149e24c0357cc934bceda8817778756325a34b78ba3208788cab2cda67c3948c93ea7733d732545148742ba771517e51ad17c907fef98fe1455044d059d84d78aba314d18ed1269d1127cee8942201bf63a5230df56dce8bda5

Deploy from the CLI

Developers can deploy any type of function with Cape, from simple scripts to complex machine learning models. Your code is encrypted locally, and can only be processed within Cape’s secure enclave — protecting your IP, secrets, and methods.

$ cape deploy translation
> Success! Deployed function to Cape
> Function Name → translation 
> Function Checksum → cbch8c9f7ac41138935810c3f45cd16d1abfbe15a37b1fc09a11dfbc3d44b447

Run from an SDK

Use Cape’s SDKs in Python, JavaScript, and Go to build Cape into your apps. The SDKs establish a direct, end-to-end encrypted connection to a dedicated, one-time-use secure enclave with cryptographic attestation. The enclave then processes your encrypted inputs, and returns encrypted results.

  • Python
  • JavaScript
import { Cape } from '@capeprivacy/cape-sdk';

const client = new Cape({
  functionToken: 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9',
});
const result = await client.run({
  name: 'translation',
  data: 'cape:f00f3466fc73d2880088f5dd4f…'
})

console.log(result) // Comment allez-vous en ce beau jour?
Cape solved a major problem by making the encrypted data useful without decrypting it. It's a real game-changer.
Michael Aguiling's portrait
Michael AguilingFormer CTO JP Morgan Chase Information Services & Cerberus Technology Solutions

Recognized by the Industry

Cape Privacy has recently been recognized in Gartner's 2021 AI Trust, Risk & Security Management (TRISM) Market Guide, 451 Group's Encryption-In-Use Report, Matt Turck's 2021 MAD Landscape, and was named a 2021 RSA Innovation Sandbox Finalist.