Expertly integrate your applications with Thales HSMs
Organizations taking advantage of nShield and payShield hardware security modules (HSMs) frequently require custom code to integrate cryptographic capabilities into their applications.
Secure coding requires special skill; developers must be careful to utilize best practices and avoid introducing security risks and performance bottlenecks. For organizations that do not have in-house staff with secure coding skills, or need to supplement their teams with additional capacity and expertise, Thales ASG offers expert custom development services that can accelerate projects and deliver secure and efficient results.
You can work with Thales ASG in whatever way best meets your needs. As experts in Thales products and development toolkits, we can provide advice and knowledge transfer, work alongside your team to add capacity for critical projects, or complete your custom integration from start to finish. However you choose to work with us, you can be assured of expert professional help that shortens development cycles, raises your team’s security awareness, and ensures that you receive the best possible return on your investment in security solutions.
In situations where you plan to do most or all of your own application integration, Thales ASG provides a number of services and tools to support your efforts. These include:
Thales offers two optional application integration toolkits:
- With the CipherTools Developer Toolkit, you can take full advantage of the advanced capabilities offered by the nShield HSM family as you integrate HSMs with your applications. The toolkit contains detailed tutorials and reference documentation, sample programs written in a range of high level languages, and additional versions of libraries to expand capabilities for integration with business applications beyond those that can be achieved by the standard application program interfaces (APIs).
- The CodeSafe Developer Toolkit enables application developers to write programs that are securely loaded and executed within the secure environment of the nShield HSM, protecting them from malware and Trojans attacks on host systems. CodeSafe provides an application “sand box” setting where code can be validated for integrity and authorized to execute in a tamper-resistant manner—ideal for applications residing in untrustworthy locations.
For commonly encountered integration tasks, Thales has prepared guides that can help your team save time and avoid common pitfalls by utilizing best practices for integrating nShield and payShield HSMs with specific commercial software applications.
To ensure that you can obtain the help you need when you need it, Thales offers multiple levels of support contracts, including developer support, giving you access to experts in Thales products, developer toolkits, and APIs.
HSM Application Code Review service.
Thales ASG experts can review your application code and make recommendations to mitigate potential security risks or improve efficiency.