Cape's Blog

Updates and announcements from our team

Introducing Cape: Encrypt, Deploy, Run

Cape is an easy way to run serverless functions on encrypted user data while keeping it confidential; it is serverless confidential computing. Try our beta for free.
I believe developers want to protect their user's data. Data breaches happen because security is HARD. Security and privacy techniques require a ton of expertise…
Gavin Uhma
Gavin Uhma
cape-encrypt-deploy-run

What is Data Privacy?

Our mission at Cape Privacy is to protect privacy-by-default. As a company headquartered in New York and Halifax, Cape Privacy is based in two countries where denizens place a high importance in privacy.
The Pew Research Center in the United States found, “Some 81% of the public say that the potential risks they face because of data collection by companies outweigh the benefits, and 66% say the…
Bessie Chu
Bessie Chu
Privacy in the Cloud Icon

Where In The World Are My Colleagues?

Allowing others to know my exact location makes me uneasy. I can’t specifically articulate what I’m concerned about, but I trust my gut on these kinds of questions, and I know I’m not alone in feeling this way.
This “location uneasiness” eventually presented a challenge to one of our practices: we are a fully remote team, and in all-hands meetings we usually “go around the room” in…
David Besemer
David Besemer
A cell phone displaying a map of North America with lines connecting between several different locations.

Protect Your Data: Shift Left on Encryption

It feels like data breaches happen in the news everyday. Even major password managers such as LastPass meant to secure accounts seem to suffer them at a disturbing regularity. It's not just a feeling, 2022 roared off with a 14% increase in breaches Q1, mirroring increasing trends.
For “83% of companies, it's not if a data breach will happen, but when.” The data breach costs $9.44M on…
Bessie Chu
Bessie Chu
Shift Left on Encryption

What is Encryption? How Can It Help Process Data Securely?

Very simply, encryption takes information and changes it so it’s not readable. People use encryption when they’re concerned that there might be sensitive information they don’t want out in the public, such as your credit card number, and only able to be used by a trusted party. Decryption refers to the process of making that information readable again.
Methods of encryption have been around for a long time, such as the Polybius Square
Bessie Chu
Bessie Chu
Encryption

Demystifying Encryption: Symmetric Encryption, Public-key Encryption, and Hybrid Encryption

In this blog we provide a technical overview of encryption, primarily focusing on two of the most widely used encryption algorithms today - AES and RSA. We also introduce an encryption functionality of Cape Privacy, a confidential computing company, called cape encrypt. This feature allows its users to simply call cape encrypt on an input using the capeCLI without the need to…
Ellie Kloberdanz
Ellie Kloberdanz
A key standing upright with a reflection

How to Add TLS to Nitrogen

Cape provides an isolated compute environment to protect your data and code while it's being processed. But how do you get your data and code into Cape in the first place? For that, we rely on TLS (which is the protocol behind HTTPS). TLS within an enclave provides unique challenges.
TLS alone is not enough to verify you are communicating with an enclave. TLS certificates are issued for a domain…
Justin Patriquin
Justin Patriquin
TLS with Nitrogren

How Does Encryption Protect Privacy and Enable Secure Processing?

In a world of data privacy threats from malevolent actors using information to blackmail to the steady drumbeat of identity theft, there’s the ever bigger question of do you know where your data is? Do you know how it’s being protected? 
This line of inquiry tends to lead to discussions about cybersecurity. Cybersecurity is a broad discipline but largely…
Bessie Chu
Bessie Chu
How Does Encryption Protect Privacy and Enable Secure Processing?

How to Add TLS to Nitrogen

I was recently reminded about the tool mkcert and it inspired me to add a TLS example to the Nitrogen. mkcert makes its incredibly easy to test TLS with your application during local development. Its very important to note that the TLS certificates generated by mkcert should only be used for development and never production applications.
Just a quick overview of mkcert. Before doing anything you must install the CA to your local machine: mkcert -install
Justin Patriquin
Justin Patriquin
TLS with Nitrogren

Using a Random Forest Model for Fraud Detection in Confidential Computing

Credit card fraud is a form of identity theft, which involves using another person's credit card to make purchases or withdraw cash advances without the card owner's consent. Fraudsters may either obtain your physical credit card, or just steal your credit card information such as the account number, cardholder name, and CVV code and use it to take over your account.
In fact, according to the Federal Trade Commission credit card fraud has become the most frequent type of identity theft in 2022 [1]. The good news is that most major credit card providers such Visa, Mastercard or American Express offer $0 liability protection to their customers, which means that individuals whose credit card information has been stolen aren't personally liable for fraudulent transactions. However, having your identity stolen and going through the process of mitigating the repercussions of it is still no fun. Therefore, timely credit card fraud detection is paramount for protecting credit…
Ellie Kloberdanz
Ellie Kloberdanz
Credit Card Fraud Stock Image

Introducing Nitrogen: Deploy Web Servers and Databases to AWS Nitro Enclaves

TL;DR: Nitrogen is a tool for deploying web servers, databases, and other services to AWS Nitro Enclaves. Given a Dockerfile, Nitrogen will spin up an EC2 instance, configure external networking, and build and deploy your web service. What you get back is a hostname and port that's ready to use. Nitrogen is fully open source and comes with pre-built scripts for popular services like Redis, and…
Gavin Uhma
Gavin Uhma
intro_nitrogen

Overview of the AWS Nitro Enclaves Nitro Secure Module and its API

The NSM is a powerful tool that allows developers and clients to customize the Nitro Secure Enclave system to fit the needs of problems they are solving. The Nitro Secure Module (NSM) provides some of the core functionality of the Nitro Enclave. The NSM API allows the client to set, query and lock PCRs, enabling precise control over the PCRs depending on the…
Justin Patriquin
Justin Patriquin
Nitro Security Module and Cape

Secure Breast Cancer Identification

Performing data analysis and modeling on medical data can provide extremely useful insights into both public and individual health. However, there are two primary challenges when it comes to running statistical analyses or developing predictive models with medical data. The first challenge is the size of medical data sets. Medical trials often include a number…
Ellie Kloberdanz
Ellie Kloberdanz
Breast Cancer Identification

Leader Election Problem and Consensus Protocols

In the no-longer-as-niche world of distributed systems, there is always a fundamental problem whose solution came to be the building block of modern day massively distributed computation platforms. Of course I'm talking about consensus. Past versions of achieving this include algorithms like Paxos and Raft, which have seen much adoption in today's distributed services…
Eric Zhang
Eric Zhang
Election Leader Blog

How Cape Protects Keys from Attacks Trying to Exploit Memory Dumps

In this post, we'll be exploring one of the many hazards of multi-tenancy, and just how hard it can be to get security right! Have you ever wondered how secure data is in memory? Today I will show you that you don't have to exploit Spectre and Meltdown to steal private information from a running program. You can do that with basic debugging utilities included in modern operating systems.
Kyle Kloberdanz
Kyle Kloberdanz
RAM

Confidential Personality Assessment

Apparently I am a "reformer". That's what I learned recently when I completed an Enneagram assessment. If you're not familiar with Enneagram, it is the latest personality assessment to achieve popularity. It works by asking the subject to react to a set of statements, from strongly agreeing, to neutral, to strongly disagreeing. When you complete the assessment, your reactions get tallied to…
David Besemer
David Besemer
Enneagram Types

Secure Search with Cape

Sometimes the data you need to process is sensitive, but sometimes so are the things you're searching for. We encountered a use case that needed to sift through streaming network data and look for hits on certain IP addresses. The data itself was sensitive, but the search criteria was even more so because it identified targets of an investigation. It was of utmost…
Michael Gardner
Michael Gardner
Secure Search

Secure Mortgage

At Cape Privacy, we strongly believe in protecting users' data. In fact, we built a company dedicated to making that simple for any developer. We do this by extending data protection from "at rest" and "in transit", to "in use" as well. When using Cape serverless functions, you are leveraging confidential computing via simple API calls.
Any application that…
Michael Gardner
Michael Gardner
Secure Mortgage

Secure Sentiment Analysis with Cape

Sentiment analysis is an application of natural language processing (NLP) that classifies the sentiment of text, typically as either positive or negative. Because vast amounts of data exist in textual form, sentiment analysis has a lot of practical applications including social media monitoring, customer feedback analysis, news analysis…
Ellie Kloberdanz
Ellie Kloberdanz
Sentiment Analysis Blog

AWS Nitro Enclave Cryptographic Attestation with Cape Privacy

Attestation is a feature provided by enclaves to help verify that the user is communicating with a known enclave. Using hashing algorithms and public key cryptography, the user is able to verify that the enclave is the enclave they are expecting and create a secure channel of communication. AWS Nitro Enclaves provide platform configuration registers (PCRs) which contain hexadecimal values that…
Justin Patriquin
Justin Patriquin
run_attestation

Achieve Pay Equity While Keeping Data Private

The ability to process data securely is historically managed through various tools and policies. In the world of human resources, organizations may manage employee data through a single system and have policies in place to limit access. However, this data may at times need to be accessed and shared with other parties, internally and externally, including finance, department…
Alan Wong
Lee Rosen
Rahul Ramesh
Shweta Sah
equalpay

What is Confidential Computing?

The Confidential Computing Consortium defines Confidential Computing as:
"Confidential Computing protects data in use by performing computation in a hardware-based Trusted Execution Environment (TEE). These secure and isolated environments prevent unauthorized access or modification of applications and data while in use, thereby increasing the security assurances for organizations that manage…
Bessie Chu
Bessie Chu
Diagram

Celebrating the Women of Cape Privacy - Meet Bessie Chu

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Bessie Chu
Jenny LaPierre
CapePrivacy WomenOfCapePrivacy BessieChu Option2 800x420

Celebrating the Women of Cape Privacy - Meet Ellie Kloberdanz

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Ellie Kloberdanz
Bessie Chu
CapePrivacy WomenOfCapePrivacy EllieKloberdanz Option2 800x420

Celebrating the Women of Cape Privacy - Meet Jenny LaPierre

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Jenny LaPierre
Annie Tan
CapePrivacy WomenOfCapePrivacy JennyLaPierre Option2 800x420

Celebrating the Women of Cape Privacy - Meet Luisa Herrmann

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Luisa Herrmann
Ellie Kloberdanz
CapePrivacy WomenOfCapePrivacy LuisaHermann Option2 800x420

Celebrating the Women of Cape Privacy: Meet Annie Tan

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Annie Tan
Shweta Sah
CapePrivacy WomenOfCapePrivacy AnnieTan Option2 800x420

Celebrating the Women of Cape Privacy: Meet Chris Friesen

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Chris Friesen
Grace Poetzinger
CapePrivacy WomenOfCapePrivacy ChrisFriesen Option2 800x420

Celebrating the Women of Cape Privacy : Meet Grace Poetzinger

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Grace Poetzinger
Reesha Dedhia
CapePrivacy WomenOfCapePrivacy GracePoetzinger Option2 800x420

Celebrating the Women of Cape Privacy: Meet Shweta Sah

As an innovative tech company, Cape Privacy relies on a diverse and skilled team of professionals who bring their talents to a highly collaborative environment. Through that collaboration we are building a platform that protects security by default with a novel combination of secret sharing and secure multiparty computation.
For women's history month, a number of our strong women talk about what…
Shweta Sah
Chris Friesen
CapePrivacy WomenOfCapePrivacy ShwetaSah Option2 800x420

Cape Privacy + Snowflake: Breaking Down Barriers for Financial Services

The financial services industry has a reputation for being highly risk averse. Institutions that are entrusted with the wealth of individuals and organizations, and that are under strict scrutiny from state and federal regulators, are right to be cautious in their affairs. That's because the trust on which they stake their reputations is as important as the assets that are on their balance sheets…
Reesha Dedhia
Reesha Dedhia
CapePrivacy BlogImage 1

Q&A With Cape Privacy Co-Founder and CTO Gavin Uhma: Part Two

Cape Privacy's Head of Marketing Reesha Dedhia recently sat down for a two-part conversation with the company's Co-Founder and CTO, Gavin Uhma. In Part Two, Gavin describes what happens when an organization grasps the idea that they can keep data encrypted and still put it to work–in the cloud. Then he explains why Cape Privacy's partnership with Snowflake is the ideal combination for financial…
Gavin Uhma
Reesha Dedhia
CapePrivacy BlogImage 4

Q&A With Cape Privacy Co-Founder and CTO Gavin Uhma: Part One

Cape Privacy's Head of Marketing, Reesha Dedhia recently sat down for a two-part conversation with the company's co-founder and CTO, Gavin Uhma. In Part One, they talk about the meaning behind the Cape Privacy name, the importance of privacy and data security, and the "Aha!" moment when organizations come to understand what Cape Privacy does.
Reesha Dedhia: First, the name: Cape Privacy. Describe…
Gavin Uhma
Reesha Dedhia
CapePrivacy BlogImage 3

How Cape Privacy Can Augment a Tokenization-Based Ecosystem for Secure Machine Learning Predictions

Many enterprises today use tokenization to protect their sensitive data and incorporate tokenization workflows as part of their data protection ecosystem. However, tokenization alone does not solve protecting sensitive data in-use or facilitate the most secure environment for using sensitive data for machine learning.  Both tokenization and encryption secure information during transfer and storage…
Bessie Chu
Yann Dupis
CapePrivacy BlogImage 1

Better Data, Better Predictions, More Accurate Financial Fraud Detection and Prevention

Financial Services institutions are in a constant struggle to stay ahead of fraud and other financial crimes. The reasons are simple: financial fraud harms people, costs money, and undermines brand trust. When fraud occurs, the financial institutions involved often bear a disproportionate cost. The most recent LexisNexis True Cost of Fraud study found that every $1 of fraud perpetrated costs…
Reesha Dedhia
Reesha Dedhia
CapePrivacy Blog Image 4

Know Your Customer: Preventing Fraud and Protecting You and Your Clients

Know Your Customer (KYC) refers to a set of financial services industry standards and guidelines designed to protect both the client and the service provider from fraud. Under KYC a detailed customer profile is built and maintained, and all transactions are monitored and evaluated based on an accurate understanding of the customer, their risk profile, and all applicable laws. KYC starts with…
Reesha Dedhia
Jason Mancuso
Rahul Ramesh
Know Your Customer - Blog Image

Personalizing Financial Products Used to Be Hard, But not Anymore

Personalization can be a powerful tool for reaching and converting new customers–and better serving the customers you already have–by delivering a message that is in-tune with their interests and needs. According to a study by Forrester, AI-driven personalized marketing was responsible for an average 5% incremental improvement in customer conversions and a 5.5% increase in online purchases. That's…
Reesha Dedhia
Reesha Dedhia
Personalize - Blog Image

Operationalize Your Encrypted Data in a Snowflake Data Clean Room

Keeping data secure is a business imperative. That's because the costs associated with a data breach are significant, and the risk of technical or human error, or an attack by threat actors, is ever-present. According to a 2021 cost of a data breach report, compromised data will cost an average of $4.24 million per incident; but for certain industries the costs are much higher. Healthcare and…
Reesha Dedhia
Reesha Dedhia
Data Clean Room - Blog Image

Financial Services AI Predictions: the Power Behind Buy Now Pay Later

Buy now, pay later (BNPL) is a major trend in e-commerce. Seen as an alternative to traditional credit cards, the concept of BNPL is not new, but technology has revolutionized the process of evaluating and extending instant consumer credit for both online retailers and third-party applications. And it's catching on.
Financial services industry research and consulting firm Cornerstone Advisors…
Reesha Dedhia
Reesha Dedhia
Cape Privacy Buy Now Pay Later Blog Graphic

Secure Multiparty Computation: Running AI Predictions on Encrypted Data

When discussing the application of prediction intelligence with the financial services industry, we usually end up uncovering a lot of latent conflict within organizations that recognize the potential for making better, more timely decisions with AI-based tools. Decision-makers and portfolio managers see the possibilities for mining rich data stores for critical insights that can improve the…
Reesha Dedhia
Reesha Dedhia
Secure MPC - Running Secure AI Predictions on Encrypted Data

Data Clouds and Decision Intelligence: A New Era

Data creation and collection is a vital aspect of doing business in financial services. Every transaction and customer interaction creates a data trail that, in aggregate, can reveal valuable trends and insights. When analyzed with the right models, financial data can be used to create decision intelligence and generate predictions that can be used to improve trading performance, reduce risk…
Reesha Dedhia
Reesha Dedhia
Data Clouds and Decision Intelligence

Cape Privacy and the Next Century of Artificial Intelligence

The second in a series of twenty five-year reports tracking the progress, impact, and evolution of artificial intelligence over the next century was issued recently. Led by Stanford University, the first of the ambitious (AI100) was issued in 2016. The 2021 report was joined by experts from The Alan Turing Institute, Brown University, California Polytechnic University, Cornell, Duke University…
Reesha Dedhia
Reesha Dedhia
AI and Cape

Privacy Preserving Access to Data Leads to Better Results, Better Trust

Technology research and consulting firm Gartner recently published their Market Guide for AI Trust, Risk & Security Management. Cape Privacy is included among the wide-ranging list of vendors who apply artificial intelligence in its various forms to help address the challenges of protecting data and the networks and systems that work with, store, and manage data. According to Gartner, who…
Reesha Dedhia
Reesha Dedhia
CAP-87 Gartner Blog Inline Img

Encrypted Learning: A CTO's Perspective

In a recent Cape Privacy Webinar, A Discussion on all-Things Machine Learning, Data Science, and Data Privacy, Cape Privacy CEO Ché Wijesinghe and Priceline CTO Martin Brodbeck talk about Brodbeck's wide range of experiences managing and analyzing data for top companies and innovators like Pfizer, Shutterstock, Diageo, and a number of private equity firms. The pair also focus on his current work…
Reesha Dedhia
Reesha Dedhia
Encrypted Learning: A CTO's Perspective

Encrypted Learning: Helping Data Scientists Solve Problems, Protect Privacy

Over the next ten years, data science roles will change as the skills and tools data scientists rely on evolve, driving 15% growth for the profession, according to the Bureau of Labor Statistics. The ability to extract valuable insights from data is too important for organizations to ignore, and investments and innovations in data science will improve decision-making. And a big part of that…
Reesha Dedhia
Reesha Dedhia
A man and a women holding a clipboard analyzing data

Unlocking the Value of Protected Data: Encrypted Learning in Financial Services, Health Science, and Government

Data science is a key field for revealing "what's next," and data scientists have a lot of powerful, sophisticated tools for turning data into critical insights. Often what they don't have is access to high-value data stores they can use to refine their models and make their breakthroughs. In machine learning, better tools and better data produce better outcomes; but data privacy regulations can…
Reesha Dedhia
Reesha Dedhia
Three illustrated buildings side-by-side and abstract clouds overhead.

10 Options for Sharing Protected Data to Train Machine Learning Models

Machine learning is a powerful tool for driving high performance in a broad scope of business applications. It is a powerful means for gaining insights from data by finding patterns and correlations that might otherwise remain obscured by routine analysis. In fact, what drives improved performance of machine learning (ML) is data, and lots of it.
Data is the fuel that feeds ML, and ML algorithms…
Reesha Dedhia
Reesha Dedhia
A pencil checking off items on a checklist with graph visualizations in the background

Encrypted Learning: Unlocking the Door to Data Sciences Competitive Value

Data science is all about combing through massive stores of data to challenge conventional wisdom or discover new and surprising insights that can lead to better outcomes in business practices, scientific research, public policy, health and safety, and other aspects of living in the modern world.
Data scientists have the privilege of running the models used to gather and analyze large datasets in…
Reesha Dedhia
Reesha Dedhia
A person holding a key in front of an open door containing shapes and charts