Portal26 named GenAI Visibility/Governance/Security Leader in Houlihan Lokey Cybersecurity Update 

Mix and match to construct your precise use case.

Which of these popular use cases describes your need?

SaaS providers are the keepers of their customers’ valuable data and must do everything they can to provide strong data protection in the face of cyberattacks and ransomware, while at the same time maintaining the feature set that their customers know and love. 

Portal26 gives SaaS providers critical capabilities necessary to survive in the current threat climate:

  • Encryption-in-use for back end customer data
  • Data cannot be accessed or decrypted by SaaS employees, administrators, or other personnel
  • No impact on end user experience or application functionality
  • The industries richest BYOK capabilities where customers own and control their own keys

Enterprises face a new attack every 2 seconds. In order to keep valuable data safe from compromise during these attacks, they must expand coverage far beyond traditional tokenization, data masking, and encryption-at-rest. The new kind of protection must be retained even if attackers get in with privileged credentials or with the help of trusted insiders.

Portal26 gives enterprises a platform to expand coverage to all important data even if it needs to be manipulated and analyzed so that enterprises are not limited by the restrictive nature of tokenization and traditional encryption. 

  • Four interoperable products to apply encryption-in-use to any type of cloud, on-prem, or hybrid architecture
  • These cover all major ways to plug into data stores and applications and also for stand-alone capabilities 
  • Nine privacy preserving formats with granular application to downstream apps and users
  • Supporting the flow of protected data across the enterprise and between systems
  • Providing visibility and evidence of encryption in attack scenarios, as well as compliance and audit reports

Conducting search and analytics on vast quantities of data requires the indexing and persisting of this data in clear text inside enterprise search platforms such as Elasticsearch and OpenSearch. These platforms are the perfect targets for data hungry ransomware and extortion actors, who either look for misconfigured clusters or steal admin credentials. 

Portal26 is finally here to put an end to all that. Here is how we use encryption-in-use to neutralize all such attacks:

  • Portal26 Plugin enables sensitive data to be indexed and searched while still retaining FIPS 140-2 certified encryption at all times.
  • Portal26 plugin retains rich search capability 
  • Portal26 comes with a rich key management infrastructure including index specific keys and keystore integrations (thereby enabling BYOK), field-level key derivation and integrations to major key vaults.
  • Portal26 does  not trade off search performance for security

The following explainer video and demo video gives a brief overview of how Portal26 can plug into Elasticsearch and provide unparalleled security. 

How it Works
Watch a Demo

Also included are links to other resources and third party blogs that you can use to review Portal26’s plugin functionality. When you are ready, please download the data sheet above or schedule some time to see a live demo.

We look forward to hearing from you

Portal26 searchable encryption + BYOK blog by AWS OpenSearch Community PM


Portal26 and AWS OpenSearch PM team jointly demonstrate Portal26 Plugin Functionality


Portal26 team demonstrates a ransomware proof Elasticsearch deployment at Portal26’s Ransomware and Extortion Defense RED Summit in Sep 2021

Elasticsearch Demo is at 49:43 mins into the video



Object stores like Amazon S3, Azure Blob, and Google Cloud Storage are among the top breached systems of all time. These systems are so powerful and versatile with a broad range of configuration options that more often than not customer end up misconfiguring these and leaking valuable data. In addition, many, if not all, do not offer the granularity or flexibility to manage data protection at the file level. This means that admin access to these buckets yields massive amounts of data and consequently admin compromise can lead to disaster. 

Portal26 provides enterprises with a proxy that provides strong and versatile protection for object stores

  • Proxy based encryption and decryption in and out of Amazon S3, Azure Blob, and GCS
  • Customer owned BYOK at scale. Keys can be applied at the individual file level and held in external customer owned key vaults across clouds or on prem
  • Policy based data decryption or release. This can be plugged into existing RBAC
  • Encrypted search for data stored in the object store

With data breaches on the rise and ransomware actors playing the extortion game, SaaS customers are demanding that providers encrypt their data. In addition, customers are asking to bring their own keys with which to encrypt their data. This functionality abbreviated BYOK, is fast becoming a basic security and privacy requirement for SaaS offerings. 

Portal26 provides the industry’s richest BYOK infrastructure that SaaS providers can leverage to immediately uplift their security posture and meet challenging customer demands:

  • Portal26 enables the encryption of SaaS data in all three stages of the data lifecycle: at-rest, in-transit, and most importantly in-use. 
  • Portal26 also allows SaaS customers to bring their own keys with which to perform the encryption. 
  • Further, customer keys can reside in their own key vaults that can be across clouds or on-prem.
  • Portal26 facilitates the use of customer supplied keys across multiple datastores and applications.
  • All BYOK functionality is offered at a granular field and file level across structured or unstructured data. 

Data is the new gold. The world is seeing more and more data intense products that utilize AI and other data driven insight models to drive value. Examples span enterprise applications to consumer technology like automotive and wearables. With rich personal data powering these products, and with cyberattacker going after all such data, it becomes extremely important to build products that are natively immune to data compromise.

Portal26 can be used to power data intensive products in such a way that they run on fully encrypted data and do not become the source of data breach and customer data loss. 

  • Portal26 Vault is a FIPS 140-2 fully encrypted back end that can be used to build powerful analytic applications that do not need to decrypt data to utilize it. 
  • Products built on Portal26’s vault are inherently resistant to data compromise during cyberattacks, ransomware, insider and privacy related incidents. 

The following explainer video and demo video gives a brief overview of how Portal26 can plug into Elasticsearch and provide unparalleled security.