Based Security protects your code with Immovable Identities. Developers request short-lived SSH certificates to interact with your source code management system.
Based Code
Our Platform
Secure Access to GitHub and GitLab with Hardware-Backed Certificates
A git repository within the organization's GitHub is configured to trust the Based-hosted Certificate Authority (CA). Any attempt to pull code without a valid certificate will fail, ensuring that only authorized users with proper authentication can access the code.
Unbreakable Authentication with Physical Security Keys
An authenticator is a physical device that plays a crucial role in our system. It stores key material, performs cryptographic operations, and attests to its own identity, adding an extra layer of security. We currently support Yubikeys and are actively working to expand support to Apple's Secure Enclave and TPMs for Windows and Linux, providing flexibility for your team. You can assign individual authenticators to your users, granting them controlled access to your systems.
Seamless Integration with Your Existing Workflow
Once a certificate is granted, it can be used to authenticate to GitHub or GitLab for git operations over SSH. Your users no longer need to upload or manage their own public keys. You gain complete control and visibility, ensuring consistent key types and sizes across your organization. Best of all, Based Security works seamlessly with the standard SSH and Git tools your team already uses, making adoption smooth and straightforward.
The Power of the Based Certificate Authority (CA)
The Based CA is the foundation of our security solution. It's backed by HSMs, ensuring that your key material is stored safely and securely in a way that prevents leaks. Our management interface seamlessly integrates with your identity provider, automatically syncing your users and simplifying administration.
Effortless Certificate Requests with Built-In Security
Your users can easily request certificates through the Based application. The system verifies that the authenticator has generated a key within the device, checks the access policies, and confirms the identity of the requesting user. If all policies are met, a certificate is granted. For added security, users may be required to enter their PIN to activate the certificate, as dictated by your chosen security policy.
This is a frequently asked question?
It all begins with an idea. Maybe you want to launch a business. Maybe you want to turn a hobby into something more. Or maybe you have a creative project to share with the world. Whatever it is, the way you tell your story online can make all the difference.