Venafi introduced new product capabilities in its Control Plane for Machine Identities during the 2024 Machine Identity Security Summit.
This latest version of the Venafi Control Plane will enable security
and platform teams to address the most critical machine identity
security challenges and help future-proof their organizations, including
post-quantum readiness, cloud-to-cloud connectivity and workload
identity security.
"As today's security landscape continues to rapidly evolve with
multi-cloud and post-quantum readiness as key concerns, security
professionals and developers alike are faced with new, emerging machine
identity challenges every day. Organizations need a unified platform for
end-to-end machine identity security that brings security and platform
teams together to address all of these challenges at enterprise scale,"
said Shivajee Samdarshi, chief product officer at Venafi. "Together with
CyberArk, Venafi can now help organizations solve more machine identity
security problems more quickly and easily - and ensure they are
prepared for today and the future."
New capabilities and features in Venafi's Control Plane include:
-
Support for Post Quantum Cryptography (PQC) - As part of Venafi's Control Plane for Machine Identities, the latest versions of TLS Protect and CodeSign Protect now support NIST-approved post-quantum algorithms, such as ML-DSA and SLH-DSA,
and make it easy to test PQC migrations. This enables security teams to
confidently issue TLS certificates and sign code using the new
algorithms and effectively prepare for a quantum-safe future.
-
Cloud-to-Cloud Connectivity - New enhancements in TLS Protect Cloud
allow security and platform teams to natively integrate the product
with all major cloud providers, including AWS, Azure and GCP. With this
industry-first cloud-to-cloud connectivity, they can now easily discover
and manage machine identities directly in any multi-cloud environment,
which eliminates complexity, increases efficiency and reduces costs.
-
Workload Identity Federation - Designed to help bridge the gap
between security teams and modern developer teams, this new capability
leverages custom API integration service accounts to securely access and
authenticate Venafi Control Plane APIs, eliminating the need for
traditional API keys. By implementing workload identity federation,
organizations can reduce reliance on static API keys, which are common
targets for attackers, and minimize the risk of credential leaks and
unauthorized access. This helps improve overall security posture and
scalability.
-
OpenShift Routes - The latest release of TLS Protect for Kubernetes features a new OpenShift Routes component in its Venafi Control Plane Operator
for Red Hat OpenShift users to reduce operational complexity and
enhance security automation. The component helps platform teams automate
the lifecycle of certificates used on OpenShift Routes - including
managing and renewing TLS certificates - ultimately minimizing the risk
of human error, accelerating deployment processes and ensuring
consistent security practices across environments.
All new features are available today on Venafi's Control Plane for Machine Identities.