ellipticSecure is a cybersecurity product provider focused on hardware-based key protection. Its core products include the general-purpose hardware security module eHSM and the MIRkey hardware security key. eHSM is designed for servers, workstations, and enterprise infrastructure, protecting CA root keys, VPN certificates, SSH keys, server certificates, and keys used for document, email, and code signing. MIRkey targets individual and employee accounts, supporting FIDO2, U2F, and 2FA/TOTP, while also functioning as a Bitcoin hardware wallet.
In terms of protection model, its focus is not traditional endpoint antivirus or perimeter firewalls, but reducing the risk of private key leakage after a server compromise by isolating private keys in hardware. eHSM supports PKCS#11, Microsoft CNG, JCA/JCE, FIDO2/U2F/CTAP2, and provides native libraries for Windows, Linux, and macOS. For deployment, eHSM can be shared across a network to provide cryptographic operations for multiple physical or virtual servers, with applications communicating with the device via TLS/secure tunnels. The site also provides examples for OpenSSL, EJBCA, OpenVPN, OpenSSH, Acrobat, Thunderbird, Electrum, and C/Java/Go/Python, so the integration documentation appears fairly comprehensive.
On compliance, the website explicitly mentions GDPR compliance, and MIRkey is listed as FIDO Certified. However, we did not find information on more common HSM certifications such as FIPS 140 or Common Criteria. For management, eHSM emphasizes easy-to-use administration tools to reduce reliance on command-line scripts, and says integration support is available. However, it does not disclose details on centralized auditing, role-based permissions, alerting, SIEM integration, or SLA. The pricing page does not provide specific prices, subscription vs. one-time purchase options, or payment methods, leaving procurement transparency limited.
Its strengths are clear product positioning, coverage of both enterprise key management and strong authentication for individuals, and a high degree of standards-based interface support. It is suitable for small and midsize businesses that already use OpenSSL, EJBCA, VPN, SSH, or signing workflows. MIRkey should work well with services that support security keys, such as Google, Microsoft, Facebook, Dropbox, GitHub, GitLab, and Coinbase. The downsides are limited disclosure of commercial details and compliance certifications, as well as a lack of demonstrated capabilities around high-availability clustering, centralized auditing, and operations alerts required by larger enterprises.
Access from China cannot be determined from the page content alone, so we mark it as unknown. If used in a domestic production environment in China, buyers should additionally verify website accessibility, logistics, payment options, after-sales support time zones, and whether it meets requirements such as MLPS, national cryptography standards, or industry regulations. Alternatives to compare include YubiKey, Nitrokey, OnlyKey, Thales Luna HSM, Utimaco HSM, AWS CloudHSM, Azure Dedicated HSM, as well as domestic Chinese national-cryptography USB Keys, cryptographic appliances, and identity authentication vendors.
β This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on ellipticsecure.com official site.
ellipticsecure.com is an Unknown Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach ellipticsecure.com directly.