Secure traffic with Aegis. Operate change safely with Axis.
VeliKey launch scope centers on two products: Aegis, the transit security enforcement layer, and Axis, the control plane for policy rollout, telemetry, and audit evidence.
Launch-ready operating model
- Policy-driven TLS and mTLS enforcement
- Controlled rollout gates and rollback safety
- Operational telemetry and audit receipts
- Deployment support for EC2 and Kubernetes
Who this is for
Platform and security teams
- Teams that need consistent transit policy across environments.
- Operators who run staged rollout gates instead of one-time global cutovers.
- Organizations that need audit-ready records for policy changes.
Aegis
Enforcement in your traffic path.
Aegis applies cryptographic policy where traffic actually flows. It supports staged adoption across ingress, service-to-service, and egress paths with observability for negotiation outcomes.
Axis
Control, visibility, and evidence.
Axis gives operators one control plane for policy rollout, agent posture, and receipt generation. It does not sit in the traffic path; it coordinates and records how Aegis is operated.
Trust boundary: Aegis and Axis
Aegis boundary
- Enforces transport policy in-line with live traffic.
- Produces telemetry and enforcement outcomes.
- Does not replace your application authorization model.
Axis boundary
- Distributes policy, rollout intent, and control decisions.
- Stores rollout records and audit receipts.
- Does not decrypt or terminate workload traffic for you.
How teams adopt
A practical sequence for controlled rollout.
1) Establish policy baseline
Define your minimum security floor and compatibility boundaries in Axis before broad rollout.
2) Deploy Aegis incrementally
Start with a scoped environment, then expand to production paths as telemetry validates behavior.
3) Operate with receipts
Track posture, rollouts, and outcomes in Axis with records suitable for engineering and audit review.