HPE acquires Scytale to advance open, secure, edge to cloud strategy



  • Scytale is an innovative company founded in 2017 by a group of seasoned engineers from cloud-native enterprises
  • This team helps enterprise security engineering teams standardize and accelerate service authentication across cloud, container, and on-premises infrastructures

Scytale team brings expertise in cloud-native security and zero trust networking

I am delighted to share the news today that Hewlett Packard Enterprise has acquired Scytale, an innovative company founded in 2017 by a group of seasoned engineers from cloud-native enterprises like Amazon Web Services, Duo Security, Google, Okta, PagerDuty, and Splunk. This team helps enterprise security engineering teams standardize and accelerate service authentication across cloud, container, and on-premises infrastructures.

This team of experts in cloud-native security and zero-trust networking is also recognized as the founding contributors of the SPIFFE (the Secure Production Identity Framework for Everyone) and SPIRE (the SPIFFE Runtime Environment) open source projects to the Cloud Native Computing Foundation.

HPE is fully-committed to continuing Scytale’s stewardship and contributions to SPIFFE and SPIRE, and these projects will play a fundamental role in HPE’s plans to deliver a dynamic, open, and secure edge-to-cloud platform.

Putting the deal in context – envisioning a dynamic, open, and secure edge-to-cloud future

Today, digital transformation is creating countless possibilities in a world that is hyper-connected and increasingly distributed. The applications and data that create and run our enterprises, live everywhere – in the data center, the cloud, and increasingly at the edge. Customers need a seamless edge-to-cloud architecture and experience that is also autonomous, open, and secure.  However, legacy and proprietary security models have failed to scale and keep pace in an ecosystem that is increasingly API-driven, containerized, dynamic, and spans from edge-to-cloud.

Over the years, HPE has earned a reputation as the world’s leading provider of trusted computing, and has invested significant R&D in innovating highly secure, zero trust systems. HPE was the first vendor to put silicon-based security, the “silicon root of trust,” into its industry standard servers, addressing firmware attacks, which are one of the biggest threats facing enterprises and governments.

As HPE progresses into this next chapter, delivering on our differentiated, edge to cloud platform as-a-service strategy, security will continue to play a fundamental role. We recognize that every organization that operates in a hybrid, multi-cloud environment requires 100% secure, zero trust systems, that can dynamically identify and authenticate data and applications in real-time. We also recognize that the open source community, which every day advances an endless array of projects designed for an open, multi-cloud, micro-services driven world, are at the forefront of writing code that delivers true zero trust, highly secure systems.

HPE’s commitment to open source, CNCF, SPIFFE and SPIRE

We are thrilled to bring onboard to HPE the talented and proven team from Scytale, and co-founders Sunil James, Emiliano Berenbaum, and Andrew Jessup, leading figures in the open source movement.

This acquisition also represents HPE’s ongoing transformation, part of which is to embrace and contribute to open source projects in the Cloud Native Computing Foundation and elsewhere. Our goal is to deliver services and products that advance these developments, and provide our customers and partners with the fastest-possible path to application modernization. A great proof-point of this is the recently launched, Kubernetes-Certified HPE Container Platform, derived from our recent acquisitions of MapR (key contributors to a number of Apache Foundation projects) and BlueData.

Why are SPIFFE and SPIRE Important?

SPIFFE and SPIRE form the backbone for scalable, seamless service authentication. They are poised to become the de facto standards for identifying and securing enterprise workloads across cloud, container, and on-premises infrastructure. This is evident in the scale and prominence of the organizations that have already engaged the Scytale team in their production SPIRE deployment plans and in their adoption of SVIDs (SPIFFE Verifiable Identity Documents) as the means to convey workload identity within their respective frameworks.

We see many opportunities to leverage SPIFFE and SPIRE across the HPE portfolio, and believe state-of-the-art cryptographic-identity technology will play a critical role in enterprise-scale digital transformation, cloud-enablement, and cloud-migration projects. This acquisition will provide our customers and partners the freedom to design, deploy, and achieve their IT operational goals, regardless of supplier or location, with the same level of trust that was previously achievable only through proprietary network-security schemes.

It’s my pleasure to welcome this world-class team as they become part of the HPE family. The addition of Scytale’s talent, their expertise, and the power of their community will, without a doubt, accelerate our progress toward these goals. Of course, the real, ultimate beneficiaries of these transformations are our customers and partners. I hope this message instills the same sense of excitement and opportunity in all of you as I feel as a result of our joining forces.


Hewlett Packard Enterprise introduces Kubernetes-based platform for bare-metal and edge to cloud deployments

Press Release

With HPE Container Platform, enterprise-wide containerization is a reality

Blog Post

HPE advances its intelligent data platform with acquisition of MapR business assets

Press Release