The security challenges faced by modern organizations make a strong, integrated technology ecosystem a “must have” for any organization looking to implement Machine Identity Management strategies. Based on analyst recommendations, the Blueprint for Machine Identity Management outlines why a vibrant technology ecosystem with thousands of integrations is required.
Venafi is the inventor, creator and innovator of the category of Machine Identity Management. The Venafi Ecosystem and Machine Identity Management Development Fund are core to the mission to protect our world-leading customers. The Development Fund added it’s 30th developer to the community of global innovators. Over 30 consultancies and startups from around the world are bringing new innovative ways to protect machine identities as a result of the Development Fund.
Venafi adds Indie Developers Program
Venafi is also excited to announce a new program that brings innovation from independent open-source developers. As part of the Machine Identity Management Development Fund, “Indie Devs” pays individual developers for innovative, open source projects. This new program opens the doors for more developers to become part of the Venafi Ecosystem. It’s just one more way Venafi is committed to the open source community just months after open source leader Jetstack joined Venafi.
Devs joining the Development Fund are:
- Indie Developer, Ryan Prior, is the creator of the Authasaurus project, which provides an opinionated, easily deployable authorizing reverse proxy for microservices. It can be difficult for developers who want to use good security practices to establish connections between services and users. This is especially important for developers working with services across clouds, other locations, and their local networks. This Indie Dev project seeks to address this specific challenge for developers and provides a fast, easy guardian to protect and connect applications. Integrated with Venafi Trust Protection Platform and DevOpsACCELERATE, Authasaurus will automatically provision a TLS certificate at the intended ingress/exposed endpoint. Ryan is based in Wisconsin.
- Indie Developer, Sigurdur (Siggi) Darri Skulason, is building a fast, easy source of machine identities at service mesh performance and latency. Kubernetes solves container orchestration, application deployment, scaling, and management problems. However, it does not solve the observability, traffic management, secure communications and connectivity related problems. Service mesh implements high performance, low latency, built-in Certificate Authorities (CAs), but these CAs operate without oversight of security teams. This disconnect creates friction, uncertainty, and doubt for security teams that are being pressured to support broad service mesh deployments. With this In-memory CA for service mesh, developers will have an integrated source of machine identities with Venafi policy and oversight. Siggi is based in the United Kingdom.
Venafi sponsors 30th machine identity developer
At the same time, the Machine Identity Management Development Fund has directly sponsored four new startups in the third quarter of 2020. These developers are all experts in their field, who are now creating integrations that accelerate the delivery of comprehensive protection for machine identities across microservices, DevOps, and multi cloud environments. The newest developers to receive sponsorship from the Machine Identity Management Fund include:
- OpenFaaS Ltd is best known for the popular Serverless project OpenFaaS which brings Functions to Kubernetes. The team also supports arkade, an open source project focused on making Kubernetes more accessible and easier to use for developers and IT teams. Whilst the adoption of cert-manager has been rapid in cloud native deployments, users often lack the skills and knowledge needed to properly configure machine identities. This lack of expertise slows the adoption of cert-manager and makes it more difficult for security teams using Venafi to enforce enterprise policies. This project seeks to solve the problem by using arkade’s one-line commands to configure cert-manager with Venafi’s enterprise-ready machine identity solutions. The project will also add arkade apps for the Kong and NGINX-Plus IngressControllers. OpenFaaS is headquartered in the United Kingdom.
- n8nis a fair-code licensed, node-based Workflow Automation Tool. DevOps and engineering teams are moving fast to innovate, test and deploy. This rapid speed of change requires organizations to grapple with a significant learning curve and increased effort to learn new tooling, integrate applications, plus address security issues. n8n solves these challenges with a new no-code automation platform that makes it easy for DevOps and engineering teams to innovate and operate applications and connect with standard security services like machine identity management. n8n will provide an out-of-the-box Venafi integration to enable the procurement and inclusion of machine identities within n8n workflows. The project will also create additional nodes for typical certificate consumers such as NGINX, NGINX-Plus, and Apache. n8n is headquartered in Germany.
- Portshift brings together DevOps, Security and Operations by enabling them to team up and utilize identity-based workload protection for continuous security of their cloud-native applications. Portshift is developing a Venafi Operator that will be included with the Portshift Istio distribution and SaaS management services. This is significant because DevOps and cloud engineering are moving fast to deploy new container-based applications, but typically do not use security team-approved machine identities. This integration will make it easy for engineering teams to use secure and valid machine identities through policies set in Venafi. Portshift is headquartered in Israel.
- Pulumi provides a modern Infrastructure as Code (IaC) platform that helps cloud engineering teams to work better together and ship faster. Today, DevOps and Cloud Engineering teams are attempting to use a plethora of tools, secrets stores, config files and IaC products. In many cases, machine identities like TLS certificates are used and consumed differently across clouds, Kubernetes, and applications. But engineering teams don’t have an easy way to consume machine identities using code, nor can security teams offer a consistent service to enable their use. To address this challenge, Pulumi is building a Venafi Resource Provider that will enable engineers to manage certificates using Pulumi and Venafi with support for both Venafi Platform and Venafi Cloud. Pulumi is based in Washington.
“The Venafi Ecosystem is core to customers success with Machine Identity Management,” said Kevin Bocek VP Ecosystem and Threat Intelligence, “The new Indie Devs program will bring the most innovative ways to use and protect machine identities for Venafi customers. It’s exciting to see what’s possible! The Machine Identity Management Development Fund is core to Venafi’s vision of create a safe, security digital world where all machine identities are protected. Where else can you find over 30 of the world’s most innovative startups and consultancies working on Machine Identity Management! This is just one more unique advantage that demonstrates our commitment to Venafi customers.”
This blog features solutions from the ever-growing Venafi Ecosystem, where industry leaders are building and collaborating to protect more machine identities across organizations like yours. Learn more about how the Venafi Technology Network is evolving above and beyond just technical integrations.