Secret retrieval now runs on its own dedicated infrastructure
Fetching secrets is now its own service, isolated from the rest of SikkerKey. Because it runs independently, the secret access your applications depend on stays fast and available even when other parts of the platform are under load or undergoing maintenance. Nothing changes in how you connect, and your applications keep working exactly as before, now backed by infrastructure dedicated to keeping that access fast and reliable.
Machines no longer get locked out by mistake
To keep your account safe, SikkerKey temporarily blocks a machine after several failed connection attempts. We found this could trigger even when nothing was actually wrong:
- A machine still waiting for your approval, or one you had paused, could keep retrying and lock itself out.
- When several machines share one internet connection, which is common in offices and cloud setups, a single blocked machine could end up locking out the others alongside it.
Now only genuine failed attempts count toward that limit. A machine that is simply waiting for approval or paused will not lock itself out, and one machine can no longer cause the others on its connection to be blocked.
Stronger protection for connections and rotation
- We strengthened the way SikkerKey confirms that each machine and AI agent is genuinely the one it claims to be, adding another layer of protection around the secrets they can reach.
- For automated secret rotation, only the machine you designate as the rotation agent can carry out and confirm a rotation, so no other machine in your vault can step in.
- When a canary trips and freezes a project, automated secret rotation for that project now halts as well, extending the protection a canary gives you across the rotation process.