At Venafi, now a CyberArk company, we are always looking to the future to see how we can enable our customers to accelerate their success in environments marked by rapid change. Recent advancements to Venafi’s Control Plane for Machine Identities support that noble goal, enabling securing and platform teams to tackle new and emerging machine identity security challenges.
Top analysts have recently released guidance on the importance of deploying a control plane for machine identities. And Venafi has already taken steps to address the most critical machine identity security challenges and help future-proof their organizations. The most notable of these advances are in the areas of post-quantum readiness, cloud-to-cloud connectivity and workload identity security.
We are extremely proud of the following forward-looking capabilities and features in Venafi’s Control Plane:
- Support for Post Quantum Cryptography (PQC) – As part of Venafi’s Control Plane for Machine Identities, the latest versions of TLS Protect and CodeSign Protect now support NIST-approved post-quantum algorithms, such as ML-DSA and SLH-DSA, and make it easy to test PQC migrations. This enables security teams to confidently issue TLS certificates and sign code using the new algorithms and effectively prepare for a quantum-safe future.
- Cloud-to-Cloud Connectivity – New enhancements in TLS Protect Cloud allow security and platform teams to natively integrate the product with all cloud providers, including AWS, Azure and GCP. With this industry-first cloud-to-cloud connectivity, they can now easily discover and manage machine identities directly in any multi-cloud environment, which eliminates complexity, increases efficiency and reduces costs.
- Workload Identity Federation – Designed to help bridge the gap between security teams and modern developer teams, this new capability leverages custom API integration service accounts to securely access and authenticate Venafi Control Plane APIs, eliminating the need for traditional API keys. By implementing workload identity federation, organizations can reduce reliance on static API keys, which are common targets for attackers, and minimize the risk of credential leaks and unauthorized access. This helps improve overall security posture and scalability.
- OpenShift Routes – The latest release of TLS Protect for Kubernetes features a new OpenShift Routes component in its Venafi Control Plane Operator for Red Hat OpenShift users to reduce operational complexity and enhance security automation. The component helps platform teams automate the lifecycle of certificates used on OpenShift Routes – including managing and renewing TLS certificates – ultimately minimizing the risk of human error, accelerating deployment processes and ensuring consistent security practices across environments.
“As today’s security landscape continues to rapidly evolve with multi-cloud and post-quantum readiness as key concerns, security professionals and developers alike are faced with new, emerging machine identity challenges every day. Organizations need a unified platform for end-to-end machine identity security that brings security and platform teams together to address all of these challenges at enterprise scale,” said Shivajee Samdarshi, chief product officer at Venafi. “Together with CyberArk, Venafi can now help organizations solve more machine identity security problems more quickly and easily – and ensure they are prepared for today and the future.”
Stay tuned for future product innovations as Venafi continues to enhance our offering under the umbrella of the CyberArk product portfolio. It’s going to be exciting.
Why Do You Need a Control Plane for Machine Identities?
Machine Identity Security Summit 2024
Help us forge a new era of cybersecurity
☕ We're spilling all the machine identiTEA Oct. 1-3, but these insights are too valuable to just toss in the harbor! Browse the agenda and register now.