CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
PKI+
Provision, govern and scale private trust certificates with a Post Quantum ready cloud based Enterprise PKI-as-a-Service.
SIGN+
Secure software, firmware, and containers with a comprehensive enterprise code signing solution.
SSH+
Control SSH access and key rotation at scale with an SSH key lifecycle management solution.
KUBE+
Unify DevOps and Security teams by managing certificates with a Kubernetes-native certificate lifecycle management solution.
DDI+
Manage domain registration, renewal, decommissioning, and other security controls with an end-to-end domain lifecycle management solution.
ADC+
Automate and orchestrate application delivery infrastructure at scale with an ADC lifecycle automation platform.
Platform
Manage policy and automation across all of the products and modules in the AVX ONE platform.
- Platform User Guide
- Platform API Guide
- Reporting User Guide
- Policy Engine
- Automation
  Get started with Automation using workflows for Network Service Orchestration manage inventory, connect tasks and apps, and design workflows to automate routine tasks with AppViewX modules.
AppViewX Setup
Get detailed instructions for setting up AVX ONE in on-premises or SaaS deployments.
Release Artifacts
Review new features, fixes, and security advisories with official AppViewX release documentation.

Generating the User's Master Encryption Key

The user's Master Encryption key generation process is initiated after they have been successfully onboarded. The following is a graphical representation of the key generation process is outlined in the image:

Upon the onboarding of a tenant, AppViewX initiates a request to AWS KMS to generate a Master Encryption Key (KMS-MEK) and a Data Encryption Key for the tenant.
AppViewX refers to this Data Encryption Key as its internal Master Encryption Key and utilizes it to encrypt all sensitive information.
AWS KMS generates the AppViewX MEK and encrypts it using the KMS-MEK stored in KMS.
AWS KMS returns the encrypted AppViewX MEK.
The encrypted AppViewX MEK is stored in the tenant's database.
All encryption and decryption processes take place within AppViewX, and the key used for these operations is supplied by AWS KMS.
Note: It is important to note that the AWS KMS generates the Master Encryption Keys (KMS-MEK, AppViewX MEK) for each tenant. The tenant's database (in which the encrypted AppViewX MEK is securely stored) is encrypted at rest for added security.

AppViewX