Searchable Encrypted Database
QX is a high-performance, fully-encrypted, document oriented database
designed for ease-of-use and maximum protection.
Maximum Data Protection
With QX, every query, insert and update is encrypted before it is sent across the network using keys that you control. Sensitive data is both protected and searchable.
Encryption-at-Rest is Broken
You've probably heard of encryption-at-rest.
Did you know that it is not enough to prevent data breaches?
Encryption-at-Rest encrypts sensitive files on disk. But in a running database, data is decrypted whenever a query is run.
It's like leaving the key in the lock.
Encrypt every record?
Alternatively, records could be encrypted externally before being stored in the database.
But now data can't be queried!
QX uses searchable encryption so that data is always encrypted and fully searchable.
We call this Encryption-in-Use.
Built for Security
QX is designed to meet very high-levels of security and compliance.
QX is based on existing standards like AES. Nothing fancy means there is less to go wrong.Github Repo
Is how long a comparison takes in QX. And because it uses B-Trees, queries are super snappy.
Built with Rust
Rust's memory model and compiler guarantees make it perfect for security.
Say goodbye to credentials in connection strings! QX uses OpenID and JWTs to authorize clients.
Any NodeJS, Ruby or Rust application can use QX.
Other languages and frameworks coming soon.
Clients authenticate to QX using OpenID.
Use can even your own idenity provider.
Records are encrypted using searchable encryption.
Data sent to QX is encrypted.
It is never decrypted until it's returned to the application.
Text search over encrypted data
Partial or Exact Matches
Search with fuzzy or partial string comparisons.
Or lookup records by exact values.
// Partial string match await customers.all( customer => customer.name.match("Ada") ) // Exact ("keyword") match await customer.all( customer => employee.status.eq("active") )
Range queries over encrypted data
Retrieve ranges of data for numeric and date types.
// All customer signed up in the // last 30 days let monthAgo = new Date() - DAYS_30 let results = await customers.all( customer => customer.signedUpAt.gte(monthAgo) )
Combine query types
Combine constraints on multiple fields or compose queries for great flexibility.
// All full-time employees paid over $100k let results = await employees.all( employee => all( employee.salary.gt(100000), employee.employment.eq("full-time") ) )
Read more in our Docs!
Don't take our word for it.
This is what people are saying about CipherStash:
If I was founding something new today I'd be super duper likely to use this to replace my "user.[rb|ts]"
I love how it gives you a PII vault but with flexibility around querying.
Making it trivial to do field level encryption in any DB is one thing. But making it still possible to do a full text search is quite another
If you store PII and tell me it’s safe cause you encrypt data at rest, and in transit, you’re wrong. If your app or DB is compromised your reputation is in the 🗑.
@cipherstash - an end-to-end secure, searchable, performant database.
Their infra, your keys. Get on it.
Ready to protect your data?
No credit card required.