Split credentials.
Credentials are split across multiple devices, such that no device ever stores the complete cred. If attackers compromise one device, they get nothing.
The first PAM where there's nothing to steal.
SplitSecure doesn't hide or store credentials — it eliminates them. We protect secrets with architecture, not policy.
Overview2 min Rundown
How It Works
Compliant by default, secure by design.
SplitSecure's architecture is secure and compliant by default, without the need for configuration or overhead. Our architecture ensures key security claims are always true in any environment.
Access without exposure.
Users can log in with protected credentials normally, but the credentials are never exposed. If an employee logs in using a compromised device, the cybercriminals get nothing.
Eliminate overhead.
SplitSecure can be deployed in under a day and requires no dedicated support. Regulatory reports are generated with one-click, and we're compliance-ready for banks and hospitals. We can work with your cyberinsurer to get discounts for good practice.
Use Cases
What does your business need?
SplitSecure's simple yet powerful security technology supports a variety of security needs.
Privileged Access Management
Protect cloud accounts, admin accounts, infrastructure accounts, SSH, RDP, digital assets, and more. Support "break glass" access for emergencies.
Go Passwordless
Eliminate passwords from your organization. If you have sensitive accounts still protected by passwords, SplitSecure is the easiest way to modernize.
Zero Standing Privilege
Implement zero standing privilege inside your organization: we eliminate risk, show compliance, and help you get discounts on cyberinsurance for demonstrated good practice.
Just-In-Time Elevation
Enable JIT elevation of privilege for sensitive actions. We support certificate management, developer workflows, finance/bank workflows, and more.
Developer Workflows
For teams that take code signing and developer privilege seriously, SplitSecure supports no-single-point-of-failure designs and multi-party approval workflows.
Audit & Compliance
Streamline compliance efforts for SOC 2, ISO-27001, NIS2, DORA, SEC Reg S-P, FFIEC, or FCA Op Resilience. Reports are generated with one-click.
Product Demo
The full walkthrough.
Watch first time setup, from a clean install to the first protected resource.
End-to-end, in one sitting.
Watch how SplitSecure splits credentials across devices, lets users access protected resources without exposure, and produces compliance-ready audit logs by default.
- 01First time setup and deployment
- 02Using protected credentials
- 03Audit, compliance & reporting
- 04Splitting credentials across devices
FAQ
Frequently asked questions.
How long does deployment typically take?
Deploying SplitSecure for the first time typically takes about 30 minutes. It does not
require special training; any engineer or IT technician can do it. We support bulk
enrollment for using via SSO and IAM integration, as well as bulk enrollment for
protected resources via terraform and other common tools.
Does it integrate with our existing SSO and identity provider?
Yes, SplitSecure integrates with common SSO and IDP tools like Google, Apple, Okta,
Entra ID, etc. These tools can be used for bulk onboarding and user management, so
SplitSecure creates no additional management burden.
How exactly does SplitSecure's technology work?
SplitSecure is based on the S2 algorithm, a patented secret-splitting algorithm based on Shamir's Secret Sharing. The S2 algorithm makes it possible to split secrets (like credentials and keys) across multiple devices, such that no device ever persists the secret, and the secret does not have to be exposed to be used.
Because the secrets are never persisted anywhere, an attacker cannot extract them by compromising a single device or conducting a phishing attack against a single employee. Instead, they would have to compromise a critical mass of the entire storage network simultaneously, without being detected at any point in that process.
If you'd like a more in-depth overview of how the S2 algorithm works, you can contact our sales team to request a copy of our technical whitepaper.
What maintenance and ongoing support requirements should I expect?
SplitSecure is designed not to require any dedicated support. There is no configuration burden, and there is no storage that needs to be managed. In principle, the only support needed is the HR task of onboarding and offboarding users from resources, which can be largely automated.
That said, we do offer deployment and engineering support with our Enterprise plan for customers who desire it.
What compliance frameworks are supported?
SplitSecure can support a wide range of compliance frameworks, including SOC 2, ISO 27001, NYDFS, DORA, SEC Reg S-O, FFIEC, NIS2, FCA Op. Resilience, HIPAA, and GDPR.
The reason we are able to support such a wide range of compliance frameworks is our secret handling technology, which ensures all secrets (including credentials) stored by SplitSecure meet all industry-standard security and regulatory requirements. Put another way, we are "compliant by default."
Can I test SplitSecure out before committing to a contract?
SplitSecure is free for open-source projects and non-profit organizations with less
than $10M of revenue. For everyone else, we offer a one-month free trial. Contact our
sales team if you need a more specific demo or trial prior to making a commitment.