Ecosteer Srl
Ecosteer enables digital sovereignty and cyber resilience by architecture, placing cryptographic control at the origin of data: connected devices
Company Details
- Category
- Cybersecurity
- Headquarters
- Bolzano, Italy
- Data Hosting
- EU Only
- Open Source
- No
- Pricing
- enterprise
- Website
- http://ecosteer.com/
About Ecosteer Srl
Ecosteer enables digital sovereignty and cyber resilience by architecture. Its patented Data Visibility Control Overlay (DVCO) introduces a cryptographic control layer that moves data access enforcement from centralized systems to the true origin of data: connected devices. In the DVCO architecture, each device becomes an autonomous cryptographic unit, independently generating and rotating its own cryptographic systems. Data streams are encrypted at their technical origin and remain protected across networks, platforms, and intermediaries. Only recipients explicitly authorized directly and unilaterally by device users (data owners) can decrypt the data. Authorization decisions are enforced cryptographically, ensuring that access to data is determined solely by the data owner, independently of service providers, platforms, or network operators. This architecture removes centralized control points that typically concentrate security risk. Even if network brokers, cloud services, or intermediaries are compromised, encrypted data streams remain inaccessible to unauthorized parties. By decentralizing cryptographic control and enforcing protection directly at the source, DVCO limits attack propagation, reduces systemic vulnerabilities, and enables fine-grained, auditable control over data access. The architecture aligns with key European regulatory frameworks governing data sharing and cybersecurity: EU Data Act – enabling secure and controlled data sharing while ensuring that data owners retain authority over access to the data generated by their connected devices. GDPR – supporting privacy-by-design and data protection through strong encryption and granular access control. Consent to data access can be granted and revoked with equal ease - through simple user actions - fully aligning with GDPR requirements that withdrawing consent must be as easy as giving it. Cyber Resilience Act (CRA) – strengthening device-level cybersecurity through cryptographic protection, minimized attack surfaces, and containment of security incidents. NIS2 Directive – contributing to operational cyber resilience through secure data exchange, distributed cryptographic key management, and impact containment by design. The result is a new architecture for secure digital ecosystems in which connected devices - and their users - control the visibility and distribution of the data they generate, enabling resilient infrastructures and sovereign data sharing across complex, multi-stakeholder environments.