Zero-Trust Identity

Passwords are the problem. We provide the solution.

‍Every day, 3.4 billion phishing emails are sent worldwide. According to the 2025 Verizon Data Breach Investigations Report, 22% of all data breaches begin with stolen or compromised credentials. This is the most common single attack vector of all. For attacks on web applications, this figure rises to as high as 88%. The conclusion is clear: as long as passwords exist, they are the weakest link in your security chain.

SecureComply implements zero-trust identity solutions from Soliton Systems, the Japanese specialist in certificate-based authentication and modern network access. The principle behind this is straightforward: no trust without verification, no access without proven device integrity and user identity.
‍
‍Passwordless and phishing-resistant

With Certificate-Based Authentication (CBA) based on X.509 certificates and FIDO2, we completely eliminate passwords as a vulnerability. Soliton OneGate replaces the password in the login process with cryptographically strong certificates in combination with a second factor such as FIDO2 or an authenticator app. The result is an authentication method that is immune to phishing, credential stuffing, and man-in-the-middle attacks. The solution complies with NIS2 Art. 21(2)(j) as well as FINMA’s requirements for strong authentication.

Federated SSO without compromise

‍Unifiedlogin for cloud services such as Microsoft 365, Entra ID, and Salesforce, as well as for legacy systems, without any modifications to existing applications. Your users log in once and have access to everything they need. Your IT department retains full control and visibility over every access process.

Device Trust for SASE environments

OneGate (Cloud PKI) and NetAttest EPS (On-Premise Enforcer) ensure that only managed and trusted devices gain access to your network. NetAttest EPS combines RADIUS, Private Certificate Authority, OTP, and 2FA in a single appliance and protects wired connections, Wi-Fi, and VPNs alike. This also works in hybrid environments with Cato, Zscaler, or Palo Alto Prisma Access without requiring the replacement of existing infrastructure.

Secure and compliant BYOD

Personal devices on the corporate network are a reality. The question is not if, but how secure. With the Soliton Secure Suite, corporate data on personal devices is isolated in an encrypted container consisting of Secure Workspace, Secure Browser, and MailZen for mobile devices. No MDM, no VDI, no risk of data leaks. Certificate management is handled directly by end users via the Soliton KeyManager app in three steps, without any involvement from the IT department.

The difference in numbers

In 2024, 2.8 billion passwords were offered for sale on darknet markets. Each one is a potential entry point into your company. With a passwordless architecture from Soliton Systems, there is simply nothing left to steal.