Adfinis, a leading international service provider of open source IT solutions, and the German Confidential Computing company enclaive have announced their new partnership – a collaboration combining modern encryption technologies with a comprehensive IT lifecycle approach, to strengthen security and sovereignty in cloud environments.
Cyberattacks are increasingly targeting the software supply chain: Attackers inject backdoors, malware, or vulnerabilities into open source components to later gain access to a wide range of systems, deploy ransomware, or spy on sensitive data while those systems are running. Consequently, the Cyber Resilience Act will, from December 2027, also require vendors to provide proof of the security of their software supply chain. Adfinis is proactively addressing these challenges with its Secure Supply Chain Management – and is now enhancing protection with enclaive’s Confidential Computing. Whether in as-a-service solutions like GitLab as a Service, combined with the SLSA Framework, or in the sovereign operation of applications in hyperscaler clouds, Adfinis is relying on confidential computing for critical workloads. This is how the new Confidential Supply Chain service has come to life.
Confidential computing protects not only data at rest and data in transit, but also data in use by encrypting it within hardware-based enclaves, whose integrity can in turn be proven through cryptographic attestation. With its virtual Hardware Security Module (vHSM), enclaive also offers companies an independent key management ("Bring and Hold Your Own Key"). This ensures users retain full control over their keys at all times, so that not even privileged insiders or cloud providers have access to the data and code inside the enclave.
“Confidential computing is a true game changer for cloud security. With innovative technologies like its virtual HSM, enclaive is a perfect partner for us. The hardware-level encryption provides our clients with an unprecedented level of security and can be integrated virtually anywhere. This allows us to create a foundation for companies to develop and operate new digital services without compromising security or compliance.”
– Sascha Zimmer, Field CTO at Adfinis
Adfinis combines this technology as part of its Secure Supply Chain Management with SLSA Level 3-compliant pipelines. These pipelines prevent tampering in the software supply chain through cryptographically signed builds. For the first time, the integrity of code and data becomes fully and mathematically verifiable, creating a trustworthy and resilient supply chain. Companies benefit from a security architecture that not only reliably protects the development, deployment, and operation of software but also creates the foundation for end-to-end compliance and digital sovereignty. Adfinis complements this with its 24/7 Managed Services, built on over 25 years of experience in open source.
"Open source is essential for innovation. To address increasing supply chain attacks and rising regulatory requirements , you need experts like Adfinis who can safely guide companies through the whole lifecycle. We're excited to make a valuable contribution with our Confidential Computing solutions. Together, we're creating a verifiable, secure software supply chain that offers enormous benefits, especially for critical infrastructure – from meeting strict legal requirements to achieving true digital sovereignty."
– Norbert Müller, Chief Strategy Officer at enclaive
Adfinis and enclaive will present the new Confidential Supply Chain for the first time at the Smart Country Convention in Berlin, from September 30 to October 2, 2025. Together with WX-ONE, a German cloud provider with the highest certified security standards, they will present the first cloud stack that allows sovereignty, confidentiality, and data integrity to be mathematically and legally verified. To learn more about the joint solution, supply chain security, and cloud sovereignty, visit Adfinis at the IONOS booth 503 in Hall 27 of the Convention.
Find out more about Adfinis at https://www.adfinis.com
Find out more about enclaive at https://www.enclaive.io
Images are available on request, by sending an email to [email protected].
Contact person for Adfinis AG
Eike Kirch, Director Sales Germany, Adfinis Deutschland
Phone: +49 171 2794192
E-Mail: [email protected]
Web: www.adfinis.com
About Adfinis
Adfinis is a leading service provider of open source IT solutions, with established locations in Switzerland, Germany, the Netherlands, Australia, New Zealand, and Egypt. For over 25 years, Adfinis has delivered innovative, sustainable, and resilient IT solutions built on trustworthy open source technology.
In collaboration with industry leaders such as GitLab, Red Hat, SUSE, and HashiCorp, Adfinis offers clients a tailored approach covering the entire IT lifecycle. From strategy to execution, Adfinis provides consulting and planning, engineering expertise, and 24/7 managed services to ensure seamless, reliable operations. Serving a worldwide clientele, Adfinis embodies a legacy of innovation and a profound dedication to enhancing the open source ecosystem.
Contact person for enclaive
H zwo B Kommunikations GmbH
Simon Weistenhöfer
Nürnberger Str. 17-19
91052 Erlangen
Phone: + 49 (0)9131 81281-19
E-Mail: [email protected]
Web: www.h-zwo-b.de
About enclaive
enclaive is an international technology company headquartered in Berlin. Its solutions already serve a strong and dedicated community of ISVs, MSPs, and CSPs around the world. Through enclaive’s Confidential Computing approach, companies can securely protect their sensitive data and applications. The comprehensive multi-cloud operating system enables Zero Trust security by encrypting data even while it's in use and shielding applications from both infrastructure and solution providers. This enables companies to retain complete control over their confidential information. Learn more at www.enclaive.io