Venafi unveils scalable security offering for hardware security modules, includes consistent use of cryptographic keys

Venafi, provider of machine identity protection, debuted Tuesday Venafi Advanced Key Protect, a solution that allows users to generate strong encryption keys from a central hardware security module (HSM). Venafi Advanced Key Protect integrates with HSMs, including Thales and Gemalto, allowing customers to ensure consistent use of strong cryptographic keys throughout the enterprise.

As the number of vulnerabilities and attacks targeting encryption keys increases, it is imperative that enterprises utilize stronger keys. Because organizations that deploy HSMs lack the ability to manage their keys centrally, it is difficult to consistently enforce enterprise policy controls. Lack of central management capabilities also makes automation of the entire key life cycle problematic. To address this issue, many organizations create custom scripts that require ongoing maintenance or use manual, error-prone processes.

Venafi Advanced Key Protect delivers an out-of-the-box solution that overcomes these challenges. As an add-on module to the Venafi Platform, the security solution applies policy and workflow controls that enable fast, automated key orchestration. Together, these capabilities make it possible for enterprises to ensure they consistently use the strongest cryptographic keys possible.

Venafi Advanced Key Protect improves private key security by allowing users to generate strong keys from a central HSM and provides flexible management of the entire HSM key life cycle for enterprise applications.  It also delivers immediate PCI DSS 3.6.1 and 3.6.3 compliance; leverages existing HSM investment for strong key generation and key lifecycle management; automates strong, centrally generated keys across your network; and maintains private keys under strict policy controls in a secure, centralized location.

“In the age of security risks like Meltdown and Spectre, the threats against machine identities cannot be understated,” said Kevin Bocek, vice president for security strategy and threat intelligence at Venafi. “Harnessing the power of HSM key generation to improve security has been time-consuming, expensive and error-prone. Now with Venafi Advanced Key Protect, security teams no longer need to trade off speed and crypto-agility for compliance. Venafi is excited to work with our HSM partners to deliver this powerful innovation to our mutual customers.”

“It’s critical for businesses in tightly regulated sectors, such as financial services and healthcare, to secure their machine identities,” said Hari Nair, director of product management and cryptographic researcher at Venafi. “With Venafi Advanced Key Protect, organizations can leverage the power of HSMs to generate and guard strong machine identities. This capability is essential for securing communications within and outside of the enterprise.”


Leave a Reply

WWPI – Covering the best in IT since 1980