Skip to content

Baffle Achieves Holy Grail of Encryption – First to Enable Wildcard Search on AES Encrypted Data With No App Rewrite

holy grail

June 4, 2018

Baffle Advanced Data Protection Service Lets Applications Seamlessly Operate and Analyze Encrypted Data without Exposing Confidential Information

SANTA CLARA, Calif.–(BUSINESS WIRE)–Baffle, Inc., an advanced data protection company, today announced it has released the first to market solution for secure computation of data in use with any application – whether it’s custom, hosted or software as a service (SaaS). Available today, Baffle Advanced Data Protection Service is the first product to allow wildcard search of AES encrypted data.

Baffle is the only vendor that can enable this method of secure computation without requiring any application rewrites. Rather than investing time, money and other resources to rewrite applications to secure their code, companies can use Baffle to simply and easily implement a data security model.

Other approaches to this type of data security challenge have been grounded in homomorphic encryption, which is known to have a severe performance penalty, and hardware assisted execution environments like Intel SGX, which are still being hardened and require specific hardware. Baffle’s solution dramatically supports virtually any application running on-premise or in the cloud, with a software-only solution that does not require application code to be modified or rewritten.

Click to Tweet: .@Baffleio achieves holy grail of #encryption – first to enable wildcard search on #AES encrypted data without any app rewrites #infosec

“As Gartner indicates, businesses are operating in a state of constant compromise,” said Ameesh Divatia, CEO and co-founder, Baffle. “We believe this requires a fundamental shift in strategy towards data-centric encryption that never exposes information, does not require application changes, and of course does not break applications. Only Baffle can do this.”

“Large cloud service providers and social media companies are moving quickly into the space of ‘confidential computing’, and we view their moves into this space as a strong validation of the threat that requires our approach,” said Harold Byun, vice president of products and marketing, Baffle. “Organizations of all sizes are moving workloads to the cloud, and they need to enable data processing without compromising data privacy. Only Baffle is able to enable this by encrypting data at rest, in motion and finally, in use.”

“Baffle has basically cracked an incredibly tough nut from a core technology perspective,” said Jack Miller, CISO of Open Systems. “Their ability to enable wildcard searches and mathematical computation on AES encrypted data ultimately becomes a win-win for both security teams and the business. Security can implement strong data-centric protection while enabling the business to implement their digital transformation goals.”

About Baffle

Baffle, the application data protection company, prevents data breaches by securing the end-to-end data access model for applications and databases. Using this method, the technology protects against some of the most recent high profile attacks and vulnerabilities – including Spectre and Meltdown. With its patent-pending technology, Baffle is the only company that can enable encryption of data at-rest, in use, in memory and in the search index without impacting the application using AES encryption. Baffle is also the first company to enable secure data processing on a commercial application and database to guarantee data protection. Baffle has raised $10.5 million of financing; its investors include True Ventures, Envision Ventures, ServiceNow Ventures [NYSE: NOW], Thomvest Ventures, Engineering Capital, and Industry Ventures.


Look Left Marketing
Tommy Owens, 415-640-4799
[email protected]

Join our newsletter

Schedule a Demo with the Baffle team

Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.


No application code modification required


Deploy in hours not weeks


One solution for masking, tokenization, and encryption


AES cryptographic protection


No impact to user experience