Infrastructure access shouldn't mean
data access.
ASTIS is a cryptographic trust layer that separates plaintext, keys, access, and audit — so cloud, AI, vendors, and infrastructure can operate without reading business-payload plaintext.
Choose how to use the ASTIS cryptographic trust layer
A secure workspace for sensitive communication, or cryptographic controls you embed in your own product and infrastructure.
Secure communication
ASTIS Mail
Secure communication built on the ASTIS cryptographic trust layer — protected messages, documents, and calendar that don't become ordinary vendor plaintext. Works on its own, or alongside Gmail and Outlook.
- •End-to-end encrypted email and calendar
- •Templates for legal, HR, client & partner communication
- •Customer-controlled encryption keys
- •From $179/year solo · per-seat for teams
Cryptographic controls for products & infrastructure
ASTIS Platform
Embed the ASTIS cryptographic trust layer into your products, workloads, agents, and data flows — encryption, signing, FPE, workload secrets, MCP, and audit evidence, with customer-controlled keys.
Operating infrastructure ≠ reading plaintext
Systems may need to store, route, process, or audit work. They don't need business-payload plaintext to do it.
ASTIS cryptographic trust layer
Control plane — not a plaintext data path
Your control
Plaintext stays here
Users, apps, workloads, and agents. Keys and policy decisions stay under your control.
Operational systems
Cloud · databases · AI
vendors · operators
Can store, route, automate, and operate — cannot read business plaintext.
Operational access ≠ plaintext access.
Business-payload plaintext does not flow through ASTIS — only protected artifacts and cryptographic control signals do.
Why this holds
Storage, encryption, access, and audit are separate trust boundaries — a breach of one does not automatically collapse the others.
The full picture — what each part of ASTIS receives
| Category | What ASTIS receives | Where plaintext lives |
|---|---|---|
| Business payload — emails, documents, application fields, secrets | Nothing — encrypted client-side, never sent to ASTIS | Only your client endpoint / workload |
| Encrypted SKEY capsules | Capsule + routing metadata | Transiently during approved rewrap — sKey (Mail onboarding) or CVS (organization workflows) |
| Managed CVS key material & workload DEKs | Sealed key material | Transiently in CVS memory during approved operations |
| HYOK CVS — private key custody | No private key material — your OpenPGP private key stays in your CVS (SKEY capsules still live in ASTIS, encrypted to your key) | Decryption authority on your infrastructure only |
| WKD (Web Key Directory) | Public keys + directory mapping | Contains no private keys |
| Account & control plane | Account, org, config, billing metadata | Operator plane (no business payload) |
| Audit | Security event metadata | No business-payload plaintext |
| Hosted MCP (dev-time) | Inputs you explicitly pass | No runtime crypto |
ASTIS never holds it transient, in memory, managed plans only operator/metadata plane
Beyond access control
Zero Trust verifies access. ASTIS limits exposure.
Zero Trust verifies who can reach a system. ASTIS controls what that system, vendor, workload, or agent can actually see. Infrastructure operators, cloud services, AI tools, and automation do their job without receiving business-payload plaintext.
Controls for sensitive data
ASTIS Platform capabilities — pick the one that matches your job. Each is a business outcome first, a primitive second.
Encrypt without exposing plaintext
Adding crypto to your SaaS? Sealed-envelope encryption — plaintext is encrypted on your side; ASTIS, cloud, and AI tools never see it in clear.
Sealed envelope · client-side
Sign & verify by hash
Need verifiable signing? Sign and verify by SHA-256 — the service never sees the document. Verify with gpg, no ASTIS account.
See it work →
Protect structured fields
Keeping data usable? Format-preserving encryption (FF1) applied locally — fields stay the same shape, ASTIS never receives plaintext fields.
NIST SP 800-38G FF1
Workload Secrets
Securing Kubernetes secrets? Deliver secrets to workloads without turning infrastructure access into secret access — unsealed in-pod, after attestation.
See it work →
MCP for AI agents
Building AI agents? Cryptographic tools over MCP, so agents can act on sensitive data without receiving business-payload plaintext.
See it work →
Tamper-evident audit evidence
Proving what happened? A tamper-evident audit trail of cryptographic and key operations, exportable for auditors and CISOs.
Hash-chained · exportable
Customer-controlled keys
Key control stays yours. Generate, rotate, and revoke; with HYOK CVS, keys never leave your infrastructure.
BYOK / HYOK
Looking for the encrypted email workflow? See how ASTIS Mail works →
Don't take trust on faith
You don't have to trust us — verify it yourself.
Verifiable signatures
Every release is signed via the same /v1/sign API and verified with gpg — no ASTIS account. You verify it yourself.
Verify it yourselfLive dogfood
Workload secrets proven end-to-end, backed by 1,912 api-gateway + BFF tests green in CI.
See it workNo plaintext at the edge
Business payload is encrypted on your side; the edge sees a capsule and a proof, never plaintext.
How the boundary holdsHonest boundary
Internal dogfood + independently verifiable artifacts — not yet a third-party audit. EU/EEA data plane.
Trust CenterNumbers are shown only where they are independently verifiable or live on a see-it-work page. Full architecture is reviewable under NDA.
Where ASTIS fits
Three workflows where business-payload plaintext should not become ordinary vendor data.
Confidential professional communication
Boutique legal, executive teams, and NGO / journalist-style sensitive comms — protected messages and documents that can’t become ordinary vendor plaintext.
Regulated SaaS & product teams
Sensitive tenant data, signing, format-preserving encryption, audit evidence, and customer-controlled keys — embedded into your own product.
Platform & infrastructure teams
Workload secrets for Kubernetes and agents, where infrastructure access shouldn’t mean cloud, vendor, or operator plaintext exposure.
Also used for finance, health data (GDPR special-category), HR, and logistics workflows.
Pricing
Two product lines, separately priced. Buy one, the other, or both — billed under one organization.
Packaged workspace
ASTIS Mail
Solo $179/year · Team $15/seat/mo · Organization $20/seat/mo · Enterprise from $25k/year
- •End-to-end encrypted mail and calendar
- •Industry templates (legal hold, medical referral, HR severance)
- •Customer-controlled encryption keys
- •Optional Gmail and Outlook integration
Annual platform license
ASTIS API platform
Pro $15k · Business $60k · Enterprise from $150k · Strategic from $1M · HYOK CVS (self-hosted) from $50k
- •Sealed envelope, sign / verify, FPE, audit chain
- •ASTIS-managed CVS or HYOK (self-hosted) key custody
- •Annual, feature-gated tiers sized to your workload
- •EU-hosted infrastructure
Using an AI coding agent? Connect ASTIS MCP →
Self-hosted HYOK CVS contracts are sales-led only.
See API pricing for details.
Enterprise and sovereignty contracts in the EU are with ASTIS OÜ (Estonia), activated by invoice with bank transfer or card. The contracting entity and payment method for each plan are confirmed at checkout or in your Order Form.
Frequently asked questions
Mail product, API platform, and how the two fit together.
Keep plaintext where it belongs.
Talk to ASTIS about Mail, Platform, or self-hosted custody — or verify the proof yourself first.
Self-serve: Mail free trial · free developer access — see the two paths above.