Superasystem Co., Ltd. (Headquarters: Shinjuku-ku, Tokyo, Representative Director: Ai Yoshida) will launch a Design Partner Program for "MukenVault," software that protects TLS private keys, API keys, and authentication information in memory during execution, starting July 1, 2026, limited to 50 companies.
Under this program, MukenVault evaluation versions will be provided free of charge to cloud providers, SaaS providers, SIers, MSPs, SOCs, AI companies, research institutions, and others. Participants can verify in a near-production environment within their existing cloud and on-premises setups a new security domain that protects "secret information exposed after intrusion," which traditional countermeasures have not fully covered.
In addition, Superasystem proposes "Runtime Secret Protection," a new concept for protecting secret information in memory during execution.
Key Points of This Release
Product: MukenVault (Software for protecting secret information after intrusion) Proposed Concept: Runtime Secret Protection
Format: Design Partner Program (Free Evaluation)
Recruitment: Limited to 50 companies/organizations
Period: July 1, 2026 - August 31, 2026
Target: Cloud providers / SaaS providers / SIers / MSPs / SOCs / AI companies / OEM partners / Universities and research institutions / OSS communities / Press and media
Technology: Patent pending (Application No. 2025-241853 / PCT international application in progress)
Recommended Verification Environment: Ubuntu 24.04 and 22.04
AI Has Changed Attacks. Therefore, We Must Change How We Protect.
Until now, cybersecurity has primarily focused on "preventing intrusions." However, with the widespread adoption of generative AI, internal exploration, acquisition of authentication information, and lateral movement after intrusion are rapidly being automated and accelerated. In some environments, privilege escalation and cross-system access can be achieved in a short period.
Future security requires not only "not being intruded upon" but also "the ability to protect critical assets even after an intrusion."
Among these, Superasystem has focused on secret information handled by applications and middleware while they are running. TLS private keys, API keys, OAuth Secrets, JWT signing keys, database credentials, and other sensitive data are deployed in memory during execution to function.
Even if stored data and communications are encrypted, secret information may be expanded in memory during execution in a format that the CPU can process. If memory is accessed after an intrusion, this information can be acquired, potentially leading to privilege escalation or lateral movement.
Therefore, Superasystem has developed MukenVault as software to protect secret information in existing environments, viewing memory during execution as a new protection target.
What is MukenVault?
MukenVault is not a product that prevents intrusions themselves. Its purpose is not detection or blocking, but rather "to create a state where secret information is inherently difficult to acquire." It is designed to be introduced and evaluated in existing cloud and on-premises environments without requiring dedicated hardware.
Its main roles are as follows:
1. Protects Secret Information
By not holding secret information in memory in plain text for extended periods outside of necessary times, it increases the difficulty of acquisition. Targets: TLS private keys, API keys, tokens, signing keys, database credentials, etc.
2. Detects and Records Suspicious Activity
Detects signs of memory access or memory dump acquisition and records traces of attacks. Leaves clues necessary for initial response within a scope appropriate to the operating environment.
3. Notifies Operations Personnel
Notifies of detected events, supporting prompt decision-making and prevention of damage spread.
MukenVault does not replace EDR or WAF. It functions as a complementary defensive layer that protects "secret information itself," which attackers target, in addition to existing defenses.
What is Runtime Secret Protection?
Superasystem calls the concept of protecting secret information in memory during execution after an intrusion "Runtime Secret Protection."
While traditional countermeasures focus on "intrusion prevention" and "behavioral detection," this approach aims to "make the theft of information after intrusion more difficult."
In today's world of accelerated attacks, the risk of secret information being acquired before detection and response can be made is becoming a reality. Therefore, structural protection that makes it difficult to acquire secret information even in a post-intrusion environment becomes important. MukenVault is the first product to implement this concept.
Challenges Revealed Through Investigation of Over 20 OSS and Middleware
Superasystem has conducted investigations on over 20 types of OSS and middleware, including OpenSSH, Nginx, Apache, PostgreSQL, MariaDB, Docker, Kubernetes, and OAuth2 Proxy.
As a result of verifying their behavior through memory dumps and other methods, we have confirmed the presence of critical secret information in memory during operation in many systems.
This is not a problem with specific products but a structural challenge common to systems that handle secret information.
Superasystem believes that a runtime protection mechanism that is easy to introduce and evaluate in existing environments is necessary to address this challenge.
Furthermore, patent applications (Application No. 2025-241853) have been filed for the core technology of MukenVault, and PCT international application procedures are currently underway.
Towards a Future of Runtime Stability
MukenVault is the first step towards achieving "Runtime Stability."
Runtime Stability is a concept that supports business continuity by protecting critical assets even in the event of intrusions or failures. Runtime Secret Protection is one of the core elements that supports this.
Protecting assets even if intruded upon. Not stopping business operations.
Superasystem believes this concept will become a new security foundation in the AI era.
About the Design Partner Program
This program is a co-creation initiative to refine the new domain of Runtime Secret Protection alongside practical operations, in addition to evaluating MukenVault.
Participating companies will be invited to participate in early access to the evaluation version, regular discussions with the development team, and joint consideration of new features and use cases.
This program is not intended for production deployment but is envisioned for evaluation in test and verification environments.
Recruitment Overview
Recruitment Period: July 1, 2026 - August 31, 2026
Number of Participants: Limited to 50 companies
Target: Cloud providers / SaaS providers / SIers / MSPs / SOCs / AI companies / OEM partners / Universities and research institutions / OSS communities / Press and media
Recommended Environment: Ubuntu 24.04 and Ubuntu 22.04
Inquiries: support@mukenvault.com
Application: https://mukenvault.com/design-partner/
Please apply early through the form above if you are interested (application closes once capacity is reached).
About Superasystem Co., Ltd.
Superasystem pursues a new approach to cybersecurity required in the AI era.
It advocates for Runtime Secret Protection, which protects secret information in memory during execution after an intrusion, aiming to achieve Runtime Stability beyond that.
Attacks should not be the only thing evolving. Protection methods must also evolve into the new era.
Towards a society that protects assets and continues business operations even when intruded upon.
Inquiries from the Press Regarding This Matter
Superasystem Co., Ltd. Public Relations Contact Email: media@superasystem.com
FACT BOX
- Source: PR TIMES
- Category: 製品発表
- Organizations: MukenVault