This latest version of the Venafi Control Plane will enable security and platform teams to address the most critical machine identity security challenges and help future-proof their organizations, including post-quantum readiness, cloud-to-cloud connectivity and workload identity security.
“As today’s security landscape continues to rapidly evolve with multi-cloud and post-quantum readiness as key concerns, security professionals and developers alike are faced with new, emerging machine identity challenges every day. Organizations need a unified platform for end-to-end machine identity security that brings security and platform teams together to address all of these challenges at enterprise scale,” said Shivajee Samdarshi, chief product officer at Venafi. “Together with CyberArk, Venafi can now help organizations solve more machine identity security problems more quickly and easily – and ensure they are prepared for today and the future.”
New capabilities and features in Venafi’s Control Plane include:
• Support for Post Quantum Cryptography (PQC) – As part of Venafi’s Control Plane for Machine Identities, the latest versions of TLS Protect and CodeSign Protect now support NIST-approved post-quantum algorithms, such as ML-DSA and SLH-DSA, and make it easy to test PQC migrations. This enables security teams to confidently issue TLS certificates and sign code using the new algorithms and effectively prepare for a quantum-safe future.
• Cloud-to-Cloud Connectivity – New enhancements in TLS Protect Cloud allow security and platform teams to natively integrate the product with all major cloud providers, including AWS, Azure and GCP. With this industry-first cloud-to-cloud connectivity, they can now easily discover and manage machine identities directly in any multi-cloud environment, which eliminates complexity, increases efficiency and reduces costs.
• Workload Identity Federation – Designed to help bridge the gap between security teams and modern developer teams, this new capability leverages custom API integration service accounts to securely access and authenticate Venafi Control Plane APIs, eliminating the need for traditional API keys. By implementing workload identity federation, organizations can reduce reliance on static API keys, which are common targets for attackers, and minimize the risk of credential leaks and unauthorized access. This helps improve overall security posture and scalability.
• OpenShift Routes – The latest release of TLS Protect for Kubernetes features a new OpenShift Routes component in its Venafi Control Plane Operator for Red Hat OpenShift users to reduce operational complexity and enhance security automation. The component helps platform teams automate the lifecycle of certificates used on OpenShift Routes – including managing and renewing TLS certificates – ultimately minimizing the risk of human error, accelerating deployment processes and ensuring consistent security practices across environments.