Centralize and simplify data security policies and key management anywhere
CipherTrust Manager offers the industry leading enterprise key management solution enabling organizations to centrally manage encryption keys, provide granular access control and configure security policies. CipherTrust Manager is the central management point for the CipherTrust Data Security Platform. It manages key lifecycle tasks including generation, rotation, destruction, import and export, provides role-based access control to keys and policies, supports robust auditing and reporting, and offers developer friendly REST API.
CipherTrust Manager is available in both virtual and physical appliances that integrates with FIPS 140-2 compliant Thales Luna or third-party Hardware Security Modules (HSMs) for securely storing keys with a highest root of trust. These appliances can be deployed on-premises in physical or virtualized infrastructures and in public cloud environments to efficiently address compliance requirements, regulatory mandates and industry best practices for data security. With a unified management console, it makes it easy to set policies, discover and classify data, and protect sensitive data wherever it resides using the CipherTrust Data Security Platform products.
Cost Savings and Business Benefits
Enabled by the CipherTrust Data Security Platform
Integrated solutions enable KMIP compliance
CipherTrust Manager provides a unified management console that enables you to discover and classify sensitive data, and protect data using integrated set of Thales Data Protection connectors across on-premises data stores and multi-cloud deployments. It offers advanced self-service licensing, multi-tenancy support, secrets management and developer friendly REST APIs.
It offers users with additional hosting options, and can run as a native virtual machine on AWS, Microsoft Azure, Google Cloud, VMware, Microsoft HyperV, and more. Additionally, native support of CipherTrust Cloud Key Manager on CipherTrust Manager streamlines key management across multiple cloud infrastructures and SaaS applications.
It is available in both virtual and physical form factors and integrates with FIPS 140-2 compliant Thales Luna and third-party HSMs for securely storing keys with the highest root of trust. Flexible deployment options can easily scale to provide key management at remote facilities or in cloud infrastructures.
Simplifies management of encryption keys across their entire lifecycle, including secure key generation, backup/restore, clustering, deactivation and deletion. It unifies key management operations with role-based access control using existing Active Directory and LDAP credentials, and provides full audit log review.
Provides a single pane of glass for the CipherTrust Data Security Platform products, that enable organizations to discover, classify, and encrypt or tokenize data to reduce business risk and satisfy compliance regulations. It streamlines provisioning of connector licenses through a new self-service licensing for better visibility and control of licenses.
Offers new REST interfaces in addition to KMIP and NAE-XML APIs, for developers to simplify deployment of applications integrated with key management capabilities and automate testing and development of administrative operations.
For specifications, please see the CipherTrust Manager Product Brief.
Learn why in the KuppingerCole Leadership Compass on Data Security Platforms, 2025.
Read the Report
CipherTrust Manager simplifies key lifecycle management tasks, including secure key generation, backup/restore, clustering, deactivation, and deletion by enabling organizations to centrally manage encryption keys for Thales CipherTrust Data Security Platform and third-party...
The KeySecure platform provided centralized key management and data protection throughout your enterprise–on premises and in AWS. Now, Thales offers CipherTrust Data Security Platform (CDSP) to enable you to manage native keys painlessly and do more with fewer resources – and...
CipherTrust Platform Community Edition is a free-forever version of the CipherTrust Data Security Platform that makes it easy for DevSecOps to deploy data protection controls into hybrid and multi-cloud applications. It includes CipherTrust Manager Community Edition and...
Discover how organizations can centrally manage keys for third-party devices including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.
Today, every IT organization is striving to protect valuable digital assets from accidental exposure or intentional misuse. To meet various digital privacy regulations and compliance mandates, many organizations have deployed a variety of point encryption solutions as a...
The crucial first step in privacy and data protection regulatory compliance is to understand what constitutes sensitive data, where it is stored, and how it is used. If you don't know what sensitive data you have, where it is, and why you have it, you cannot apply effective...
Industry best practices as defined by the Cloud Security Alliance (CSA) require that keys be stored and managed outside of the cloud service provider and the associated encryption operations . Cloud Service Providers (CSPs) can comply with best practices by offering Bring Your...
Thales offers CipherTrust Manager as the central enterprise key management solution for an expansive ecosystem of storage and archive infrastructure partners, as described in this Solution Brief