Venafi stories

Venafi, the machine identity management expert, has introduced Firefly, the only lightweight machine identity issuer that supports highly distributed, cloud native environments.

"Through the Venafi Control Plane, we’re modernising machine identity management and making managing machine identities in cloud native environments easier."

Integration of Venafi’s control plane for machine identity management into Tanzu Service Mesh makes it easier to enable multi-cloud, multi-cluster security.

Venafi has released its predictions for the cybersecurity landscape in 2023, indicating that this will be one the most challenging years yet for the industry.

Cert-manager, the standard for TLS machine identity management in cloud native services, multi-cluster environments, achieves key maturity milestone.

The Venafi Control Plane unifies machine identity management across all identity types; in data centres, cloud, hybrid environments and at the edge.

According to new Venafi research, complexity is due to increase, as companies plan to host more applications in the cloud.

Venafi has announced the findings of new research that evaluates the security impact of the increasing number of nation-state attacks and recent shifts in geopolitics.

Nearly two-thirds suspect their organisation has been either directly targeted or impacted by a nation-state cyberattack.

A new study from Venafi has found 82% of CIOS say their organisations are vulnerable to cyberattacks targeting software supply chains. 

“We can’t solve this problem using existing methodologies. Instead, we need to think differently about the identity and integrity of the code we are building."

The web-based resource is designed to help organisations evaluate and plan the crucial steps they need to establish effective software supply chain security.

Digital transformation is driving an average of 42% annual growth in the number of machine identities, according to a new study from Venafi.

New research has found extortion continues even if a ransom is paid, while CISOs are under increasing pressure.

"Unfortunately, our research shows that while most organisations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks."

There is a glaring disconnect between executive concern and executive action when it comes to guarding against SolarWinds-style supply chain attacks.

IT security professionals and developers aren’t completely confident in their ability to defend against another SolarWinds/Codecov-style supply chain attack.

While CIOs say they are concerned about the security risks SSH machine identities pose, Venafi data indicates they seriously underestimate the scope of these risks. 

Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.

"Machine identity capabilities have become commoditised and are being added to off-the-shelf malware, making it more sophisticated and harder to detect."

Despite the prolific usage of TLS certificates within organisations, many CIOs aren't concerned about security risks associated with TLS machine identities.

"Our team is thrilled to join Venafi so we can accelerate our plans to bring machine identity protection to the cloud native stack, grow the community and contribute to a wider range of projects across the ecosystem.”

“Powerful attack methods, like establishing backdoors with machine identities, are now available as commodity malware, making it harder for security professionals to defend against these attacks.”

Organisations worldwide could recover a collective total of between US$51 billion to as much as US$72 billion just by repairing their poorly protected machine identities.