Jeff Hudson, CEO, Venafi
“Machine identities are undoubtedly the least understood domain in cybersecurity. For Venafi, we’re not just staying ahead of the competition. We’re also educating the world about the importance of protecting the identities that machines use.” This bold statement comes from Jeff Hudson, the CEO of Venafi—a privately held cybersecurity company and the leading provider of machine identity protection.
As organizations embrace digital transformation, the protection of machine-to-machine communications has become a must. A seasoned leader with more than25 years of management experience in IT and security management, Hudson explains that on a network, there are two actors—people and machines. People use usernames and passwords to identify themselves to machines to gain access to data and services. Machines also need to authenticate themselves to each other for secure communication. Unlike humans, however, machines rely on cryptographic keys and digital certificates, which serve as their identities.
Machines in this age of digital transformation are more than just bare metal servers—they comprise everything from servers and PCs to virtual machines, cloud instances, APIs and even containers. According to Gartner, $10 billion a year will be spent on protecting human identities in 2020.However, businesses will spend very little to protect machine identities—even though the number of machines, unlike people, is growing exponentially. This poses significant risks for organizations—especially given that the future of digital business is highly dependent on machine identities.
Cybercriminals understand the importance of machine identities and increasingly target them to attack networks and steal private data. Moreover, websites and online services, all of which fit today’s definition of machine, must have protected identities to avoid system outages and failed audits, in addition to the security risks already described.
"There’s a huge gap between the security controls applied to human identities and those applied to machine identities. We developed a technology to bridge this gap and protect the machine identities for the world's largest and most digitally transformed organizations," asserts Hudson.
Founded in 2004, Venafi protects machine identity types by orchestrating digital certificates and cryptographic keys for code signing, SSL/TLS and SSH. Venafi’s platform provides visibility and discovery capabilities to enterprise key and certificate management programs.
Additionally, the platform discovers the configuration, location and user of every machine identity across internal and external infrastructure, including the cloud and IoT infrastructure. These features let organizations continuously monitor their status and identify weaknesses, detect anomalies and enforce policies. “We offer global visibility of machine identities and their associated risks for the extended enterprise at machine speed and scale. This way, we not only safeguard machine identities, we also can reduce the risk of unplanned certificate-related outages,” explains Hudson.
Our aim has always been to secure the cryptographic keys and digital certificates that authorize and control all machine-to-machine connections and communications
Venafi offers a no outage guarantee that encompasses people, processes and technology. “We have helped several global corporations across multiple industries, including healthcare, insurance and retail, successfully prevent site and service outages. We can guarantee no certificate-based outages for every company that follows the Venafi Way,” says Hudson.
Healthcare companies need to secure their machine identities to protect their patient data, keep systems running and stay in compliance with regulatory standards such as HIPAA. Venafi provides healthcare organizations with the visibility, intelligence and automation that PKI and digital certificate resources require. This protects healthcare organizations from critical infrastructure outages and data breaches while ensuring compliance.
In addition to a strong product line, Venafi has created a unique ecosystem of technology partner integrations, which range from the world's leading providers of security solutions to the hottest DevOps consultancies. For instance, Venafi has partnered with HashiCorp to help DevOps teams go faster in multi-cloud environments while supporting information security mandates.
As a necessary step for future-proofing the overall investment in technology infrastructure, Venafi started the Machine Identity Protection Development Fund. It encourages recipients and developers to build integrations that deliver greater visibility, intelligence and automation across any technology that creates or consumes machine identities.
As a cybersecurity market leader in machine identity protection, Venafi has carved a unique niche for itself in the market. With more than30 patents and an expert team, Venafi delivers the most sophisticated and innovative solutions for the world’s most demanding, security-conscious Global 5000 organizations and government agencies. “The future is here today, and while most people dwell on the past, we believe in building a new tomorrow. Our aim has always been to secure the cryptographic keys and digital certificates that authorize and control all machine-to-machine connections and communications. This is why we are the only company in the world focused exclusively on machine identity protection,” concludes Hudson.