Venafi and GlobalSign Partner on Machine Identity Protection in DevOps Environments
May 16, 2019

Venafi announced an expanded technology partnership and integration that seamlessly addresses DevOps certificate challenges. Additionally, Venafi Cloud is now fully integrated with GlobalSign’s high-performance PKI solutions for enterprises.

The integration of Venafi Cloud and GlobalSign PKI for DevOps provides DevOps teams with quick, high-speed access to trusted machine identities across multiple clouds, hybrid infrastructure, and containerized environments. Security teams can rest assured DevOps teams are using standardized, automated SSL/TLS certificates that fit enterprise policy and eliminate errors. By using GlobalSign's cloud-based PKI services, developers and information security teams eliminate the need to build and manage CAs and supporting services, including Online Certificate Status Protocol (OCSP) and Certificate Revocation Lists (CRL).

Venafi Cloud offers DevOps teams out-of-the-box integrations, including HashiCorp Terraform, HashiCorp Vault, SaltStack, Ansible, Docker and Jetstack cert-manager. The Venafi Cloud and GlobalSign’s PKI for DevOps solution also features well-documented standard interfaces that can be used across teams, including a REST API, an open source VCert SDK (available in Go and Python) and ACME. Enterprises of all sizes can now have one service for machine identities across their hybrid infrastructure and multiple clouds, helping to increase the speed of DevOps.

Cryptographic keys serve as machine identities and are the foundation of security for all applications on enterprise networks, the internet and cloud environments. As organizations embrace DevOps, the number of machine identities required is exploding. However, because developers maintain their own methods for obtaining and using machine identities, the situation quickly becomes chaotic, expensive and risky. As a result, developers look for shortcuts, including using machine identities from unauthorized CAs and weak self-signed and wildcard certificates. When left unchecked, DevOps teams can create risk through vulnerabilities and errors that enter production environments, increasing an organization’s overall attack surface.

“Now with support for GlobalSign’s highest performing and scalable PKI service, Venafi Cloud eliminates the machine identity risks that have plagued DevOps, hybrid and multi-cloud environments,” said Kevin Bocek,VP of Security Strategy and Threat Intelligence for Venafi. “Now, DevOps teams get the fastest, easiest way to automate TLS certificates whether they’re using ready-to-use integrations or powerful APIs. And security teams are happy knowing trusted certificates are being used correctly because they have complete visibility. We are thrilled that our partnership with GlobalSign will provide DevOps organizations with more dynamic, flexible machine identity protection solutions.”

Key benefits of the Venafi Cloud and GlobalSign integration include:

- Support for DevOps use cases that require ultra-high-speed certificate issuance; allows certificates to be delivered in seconds.

- Embeds certificate issuance into the tools developers are already using, including configuration management, container orchestration, release automation, and secrets management tools.

- Incorporates policy-enforced certificate issuance directly into CI/CD pipelines and enforces the appropriate policies for each environment.

- Prevents outages by automating the certificate lifecycle, eliminating errors, and enforcing security policy within DevOps workflows with out-of-the-box integrations, multiple APIs and SDKs that can be used everywhere, including the Automated Certificate Management Environment (ACME) protocol.

- Improves security posture by securing infrastructure as it is spun up, enabling end-to-end HTTPS with consistent, can-be-used everywhere integrations, interfaces, APIs and SDKs.

- Eliminates the need to manage PKI in-house or rely on self-signed certificates.

- Complies with The Payment Card Industry Data Security Standard (PCI DSS), National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA), and other audit frameworks.

“This integration enables DevOps teams to automate the procurement and installation of trusted digital certificates,” said Nisarg Desai, Director of Product Mmanagement, IoT and DevOps for GlobalSign. “By combining GlobalSign’s highly scalable PKI for DevOps solution with Venafi Cloud certificate policy management and enforcement, organizations are now able to improve security, boost productivity and comply with regulatory frameworks – such as PCI DSS, NIST, and HIPAA – with just a few lines of code.”

Share this

Industry News

April 11, 2024

Check Point® Software Technologies Ltd. announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.

April 11, 2024

Automation Anywhere announced an expanded partnership with Google Cloud to leverage the combined power of generative AI and its own specialized, generative AI automation models to give companies a powerful solution to optimize and transform their business.

April 11, 2024

Jetic announced the release of Jetlets, a low-code and no-code block template, that allows users to easily build any technically advanced integration use case, typically not covered by alternative integration platforms.

April 10, 2024

Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.

April 10, 2024

Buildkite signed a multi-year strategic collaboration agreement (SCA) with Amazon Web Services (AWS), the world's most comprehensive and broadly adopted cloud, to accelerate delivery of cloud-native applications across multiple industries, including digital native, financial services, retail or any enterprise undergoing digital transformation.

April 10, 2024

AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Google’s proposed 90-day TLS certificate validity policy.

April 09, 2024

Rocket Software is addressing the growing demand for integrated security, compliance, and automation in software development with its latest release of Rocket® DevOps, formerly known as Aldon®.

April 09, 2024

Wind River announced the latest release of Wind River Studio Developer, an edge-to-cloud DevSecOps platform that accelerates development, deployment, and operation of mission-critical systems.

April 09, 2024

appCD announced its generative infrastructure from code solution now supports Azure Kubernetes Service (AKS).

April 09, 2024

Synopsys announced the availability of Black Duck® Supply Chain Edition, a new software composition analysis (SCA) offering that enables organizations to mitigate upstream risk in their software supply chains.

April 09, 2024

DataStax announced innovative integrations with API extensions to Google Cloud’s Vertex AI Extension and Vertex AI Search, offering developers an easier time leveraging their own data.

April 08, 2024

Parasoft introduced C/C++test CT, a comprehensive solution tailored for large teams engaged in the development of safety- and security-critical C and C++ products.

April 08, 2024

Endor Labs announced a strategic partnership with GuidePoint Security.

April 08, 2024

Hasura announced the V3 of its platform, providing on-demand API composability with a new domain-centric supergraph modeling framework, a distributed supergraph execution engine and a rich and extensible ecosystem of open source connectors to address the challenges faced during integration of data and APIs.

April 04, 2024

DataStax has entered into a definitive agreement to acquire AI startup, Logspace, the creators of Langflow, an open source visual framework for building retrieval-augmented generation (RAG) applications.1