FyVault
About FyVault

Built by the team
behind Fyboard

FyVault is what happens when a team building enterprise software gets tired of scattered secrets, breached .env files, and security tools that protect storage but ignore runtime.

3µs
Injection Latency

eBPF kernel-level, zero-copy

256-bit
AES-GCM Encryption

Same crypto on every tier

30+
Integrations

Vercel, AWS, Docker, and more

Our Mission

“Every developer — solo or enterprise — deserves secrets that protect themselves. Not secrets you protect. Secrets that are architecturally unreachable.
Your App
process.env.SECRET
FyVault
Decrypt • Inject • Rotate • Seal
Linux Kernel
eBPF injection
Runtime Architecture

Our Origin

Where FyVault comes from

Fybyte builds precision manufacturing systems and intelligent software. Fyboard — an all-in-one workspace for modern teams — is one of our flagship products.

While building Fyboard, the team kept running into the same problem: .env files everywhere, secrets in Slack, rotation policies nobody followed.

FyVault was built to solve their own problem first, then opened to everyone.

Fybyte
Parent Company
Fyboard
Workspace
FyVault
Secrets
Same team. Same standards.
Company Structure

Our Difference

What makes FyVault different

01

Runtime, not storage

Most vaults encrypt at rest. FyVault protects secrets at the moment they are used — eBPF kernel injection, rotating handles, microsecond exposure windows. Your secrets never touch disk unencrypted, and they never stay in memory longer than they need to.

Without FyVault
.envexposed
process.envexposed
memory dumpexposed
vs
With FyVault
.envsealed
process.envsealed
memory dumpsealed
Runtime Protection
Threat Model
Published. Auditable. Honest.
Protected
8
Partial
1
Documented Limit
1
Threat Model
02

Honest about our limits

We publish our full threat model. 8 protected vectors, 1 partial, 1 documented limit. No security theater. No vague marketing claims. You read the model, you decide if we are good enough for your stack.

03

Generous by default

50 secrets free forever. Same encryption on every tier. Unlimited devices on every plan. We would rather have 10,000 indie devs than 100 locked-in enterprises.

Free$0
50 secrets
AES-256-GCM encryption
Unlimited devices
Pro$12
Unlimited secrets
Same encryption
Unlimited devices
EnterpriseCustom
SSO + SCIM
Same encryption
Unlimited devices
Same crypto. Every tier.
Pricing Model

Our Principles

The No List

What we refuse to do matters as much as what we build.

01

No security theater

We don’t claim to be invincible. We publish our full threat model — 8 protected vectors, 1 partial, 1 documented limit. You decide if we’re good enough.

02

No feature-gated encryption

AES-256-GCM on free tier. Same crypto as enterprise. We will never make safety a premium add-on.

03

No per-seat gotchas

Devices unlimited on every plan. Scale your team without scaling your bill.

04

No vendor lock-in

Import from Vault, Doppler, 1Password. Export anytime. Your secrets belong to you.

05

No secrets in our hands

Zero-knowledge mode means we literally cannot read your secrets. Not won’t — can’t.

Start for free. Build something secure.

50 secrets, 3 projects, unlimited devices. Same encryption as enterprise. No credit card required.