The primary ASTIS client application — a web/PWA platform for encrypted email that works across PC, mobile, and tablet. All encryption and decryption happens client-side on your device.

Key Features

• Web and PWA — works on any device with a browser
• Client-side encryption and decryption (AES-256-GCM + OpenPGP)
• Works with your existing email provider (Gmail, Microsoft 365, SMTP)
• Key management and session key capsule handling
• TTL, policies, and audit integration
• Responsive design for desktop, mobile, and tablet

Seamless encryption for Mozilla Thunderbird with full PGP support and key management.

Key Features

• Automatic email encryption and signing
• Built-in key management
• S/MIME and OpenPGP support
• Works with existing email accounts
• Cross-platform compatibility

End-to-end encryption for Gmail directly in your browser with zero configuration.

Key Features

• Seamless Gmail integration
• One-click encryption
• Automatic key exchange
• Secure attachment handling
• Mobile-responsive design

Enterprise-grade encryption for Outlook Web with seamless Office 365 integration.

Key Features

• Office 365 integration
• Enterprise policy support
• Calendar encryption
• Shared mailbox support
• Azure AD authentication

Distributed keyserver infrastructure for publishing and discovering OpenPGP public keys across the network using Web Key Directory protocol.

Key Features

• RFC 8605 compliant WKD implementation
• Automatic key discovery via email domain
• HTTPS-based secure key retrieval
• HKP protocol support
• Key synchronization with SKS network
• Email verification for key uploads
• Rate limiting and spam protection
• RESTful API for integration

Session key capsule management service. Handles encrypted capsule storage, retrieval, TTL enforcement, and policy-based access control.

Key Features

• Encrypted capsule storage and retrieval
• TTL enforcement and automatic expiry
• Policy-based access control
• Multi-tenant architecture
• Integration with BYOK and HYOK via CVS
• Audit logging and compliance reporting

Cross-platform client-side cryptographic engine powering ASTIS plugins on Windows, macOS, and Linux. All encryption and decryption happens locally on the device.

Key Features

• AES-256-GCM content encryption
• OpenPGP (RFC 4880) session key capsule wrapping
• Local key generation and management
• Cross-platform: Windows, macOS, Linux
• Plugin integration (Thunderbird, Gmail, Outlook)
• Offline-capable encryption and decryption

Server-side cryptographic processing designed for mobile users who want the simplest, fastest way to use encrypted email — no plugin installation required.

Key Features

• No plugin or app installation required
• Designed for mobile platforms (iOS, Android)
• AES-256-GCM content encryption
• OpenPGP session key capsule wrapping
• Plaintext processed transiently, never persisted
• Instant onboarding for new users

PrivatePGP key vault with binding-based access control. Stores password-encrypted private keys — CVS never has access to the password or plaintext key material.

Key Features

• Password-encrypted private key storage
• Binding-based access control (enroll, revoke, rotate)
• Organization-scoped audit logging
• Redis-backed domain profile caching
• M2M authentication (service-to-service)

Security encryption layers for enterprise key governance. BYOK lets customers import and manage their own keys via CVS gateway. HYOK keeps decryption authority entirely on customer infrastructure.

Key Features

• BYOK: import and manage your own encryption keys
• HYOK: keys never leave customer infrastructure
• Hardware Security Module (HSM) support
• Automated key rotation and lifecycle management
• Zero-knowledge for email content
• Compliance with data residency requirements