Venafi and GlobalSign Partner to Expand Machine Identity Protection in DevOps Environments
Venafi and GlobalSign Partner to Expand Machine Identity Protection in DevOps Environments
New integration offers automated PKI certificate management, addresses DevOps challenges
SALT LAKE CITY — May 16, 2019 — Venafi®, the leading provider of machine identity protection, GMO GlobalSign (www.globalsign.com), a global Certificate Authority and leading provider of identity and security solutions for the Internet of Things (IoT), today announced an expanded technology partnership and integration that seamlessly addresses DevOps certificate challenges. Additionally, Venafi Cloud is now fully integrated with GlobalSign’s high-performance PKI solutions for enterprises.
The integration of Venafi Cloud and GlobalSign PKI for DevOps provides DevOps teams with quick, high-speed access to trusted machine identities across multiple clouds, hybrid infrastructure, and containerized environments. Security teams can rest assured DevOps teams are using standardized, automated SSL/TLS certificates that fit enterprise policy and eliminate errors. By using GlobalSign’s cloud-based PKI services, developers and information security teams eliminate the need to build and manage CAs and supporting services, including Online Certificate Status Protocol (OCSP) and Certificate Revocation Lists (CRL).
Venafi Cloud offers DevOps teams out-of-the-box integrations, including HashiCorp Terraform, HashiCorp Vault, SaltStack, Ansible, Docker and Jetstack cert-manager. The Venafi Cloud and GlobalSign’s PKI for DevOps solution also features well-documented standard interfaces that can be used across teams, including a REST API, an open source VCert SDK (available in Go and Python) and ACME. Enterprises of all sizes can now have one service for machine identities across their hybrid infrastructure and multiple clouds, helping to increase the speed of DevOps.
Cryptographic keys serve as machine identities and are the foundation of security for all applications on enterprise networks, the internet and cloud environments. As organizations embrace DevOps, the number of machine identities required is exploding. However, because developers maintain their own methods for obtaining and using machine identities, the situation quickly becomes chaotic, expensive and risky. As a result, developers look for shortcuts, including using machine identities from unauthorized CAs and weak self-signed and wild-card certificates. When left unchecked, DevOps teams can create risk through vulnerabilities and errors that enter production environments, increasing an organization’s overall attack surface.
“Now with support for GlobalSign’s highest performing and scalable PKI service, Venafi Cloud eliminates the machine identity risks that have plagued DevOps, hybrid and multi-cloud environments,” said Kevin Bocek, vice president of security strategy and threat intelligence for Venafi. “Now, DevOps teams get the fastest, easiest way to automate TLS certificates whether they’re using ready-to-use integrations or powerful APIs. And security teams are happy knowing trusted certificates are being used correctly because they have complete visibility. We are thrilled that our partnership with GlobalSign will provide DevOps organizations with more dynamic, flexible machine identity protection solutions.”
Key benefits of the Venafi Cloud and GlobalSign integration include:
■Support for DevOps use cases that require ultra-high-speed certificate issuance; allows certificates to be delivered in seconds.
■Embeds certificate issuance into the tools developers are already using, including configuration management, container orchestration, release automation, and secrets management tools.
■Incorporates policy-enforced certificate issuance directly into CI/CD pipelines and enforces the appropriate policies for each environment.
■Prevents outages by automating the certificate lifecycle, eliminating errors, and enforcing security policy within DevOps workflows with out-of-the-box integrations, multiple APIs and SDKs that can be used everywhere, including the Automated Certificate Management Environment (ACME) protocol.
■Improves security posture by securing infrastructure as it is spun up, enabling end-to-end HTTPS with consistent, can-be-used everywhere integrations, interfaces, APIs and SDKs.
■Eliminates the need to manage PKI in-house or rely on self-signed certificates.
■Complies with The Payment Card Industry Data Security Standard (PCI DSS), National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA), and other audit frameworks.
“This integration enables DevOps teams to automate the procurement and installation of trusted digital certificates,” said Nisarg Desai, director of product management, IoT and DevOps for GlobalSign. “By combining GlobalSign’s highly scalable PKI for DevOps solution with Venafi Cloud certificate policy management and enforcement, organizations are now able to improve security, boost productivity and comply with regulatory frameworks – such as PCI DSS, NIST, and HIPAA – with just a few lines of code.”
To learn more about the integration, please visit the GlobalSign page on the Venafi website.
About Venafi
Venafi is the cybersecurity market leader in machine identity protection, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile, and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise – on-premises, mobile, virtual, cloud, and IoT – at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
With over 30 patents, Venafi delivers innovative solutions for the world’s most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S., U.K., Australian and South African banks; and four of the top five U.S. retailers. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel Capital, QuestMark Partners, Mercato Partners, and NextEquity. For more information, visit www.venafi.comhttps://www.venafi.com
About GMO GlobalSign
GlobalSign is the leading provider of trusted identity and security solutions enabling businesses, large enterprises, cloud-based service providers and IoT innovators around the world to conduct secure online communications, manage millions of verified digital identities and automate authentication and encryption. Its high-scale PKI and identity solutions support the billions of services, devices, people and things comprising the Internet of Things (IoT). The company has offices in the Americas, Europe and Asia.For more information, please visit
https://www.globalsign.com.
About GMO Cloud KK
GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,500 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. For more information please visit https://ir.gmocloud.com/english/.
GMO Internet Group
GMO Internet Group is an Internet services industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also includes the world’s largest online FX trading platform, as well as online advertising, Internet media, and cryptocurrency related services. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit https://www.gmo.jp/en/.