QWERX launches commercial device authentication platform for enterprises

QWERX has made its enterprise secure perimeter software generally available, bringing a national security-style device authentication system to private-sector customers. The product is designed to replace static credentials with rotating ephemeral keys as AI-driven attacks and quantum risk increase pressure on enterprise security.

Why it matters: - QWERX Enterprise Secure Perimeter is aimed at one of the most common enterprise weak points: static device credentials that can be stolen, reused or replayed. - The launch gives private-sector organizations access to a device authentication platform built for national security environments. - The timing aligns with growing pressure to adopt quantum-resistant security, especially for systems that still rely on persistent credentials.

What happened: - QWERX announced general commercial availability of QWERX Enterprise Secure Perimeter on NYSE Live, broadcast from the New York Stock Exchange. - The software replaces static credentials with dynamic ephemeral keys that rotate every few seconds and disappear after use. - The company said the platform is now available for enterprises managing networked devices with vulnerable static authentication credentials. - The release also said the product is the first quantum-proof device authentication platform backed by R&D grants from Los Alamos National Laboratory to be offered for general commercial use.

The details: - QWERX says static device credentials such as certificates, keys and tokens are often left unchanged on enterprise networks for weeks or months. - The company cited a claim that 80% of breaches involve credential theft or misuse. - QWERX says continuous key rotation leaves nothing persistent for an attacker to steal, harvest or replay. - CEO and Co-Founder Greg Cullison linked the launch to the 2015 Office of Personnel Management breach, saying a single stolen static credential enabled that attack. - QWERX said the commercial release followed validation in government and defense environments. - The company received two sole-source contracts from Los Alamos National Laboratory after the lab concluded QWERX was the only viable solution for its requirements. - Independent third-party penetration testing found no successful path of attack, according to the release. - QWERX also said it demonstrated live device authentication over the Starlink satellite network, with authentication keys rotating every three seconds from anywhere on Earth. - Chief Product Officer Neil Cavezza said the software is production-grade and can protect IT, OT and IoT environments with a software-only deployment. - The company said organizations can deploy the product without hardware changes or infrastructure overhauls.

Between the lines: - The launch positions QWERX at the intersection of two security trends: machine-speed AI attacks and the long-term threat from quantum computing. - The company is framing device authentication as a gap that sits next to, but is not fully covered by, current quantum-resistance mandates focused on encryption. - By emphasizing government validation and software-only deployment, QWERX is signaling that the product is meant to be sold as an enterprise-ready alternative, not a lab demo.

What's next: - QWERX is pitching the platform to private-sector enterprises that want to harden device authentication before the next breach. - The company is also tying the product to upcoming federal deadlines, including NSA CNSA 2.0 requirements beginning as early as September 2026 and a January 1, 2027 compliance date for new National Security System acquisitions. - Executive Order 14144, signed in January 2025, reinforced those migration timelines and codified the mandate in federal law. - QWERX said its device authentication layer is complementary to encryption-focused quantum-resistant upgrades and can be deployed now.

The bottom line: - QWERX is trying to turn a national security credentialing model into a commercial enterprise product before quantum risk and AI-enabled attacks make static authentication even more expensive to keep.