Venafi and nCipher Security partner

Venafi and nCipher Security have formed a new technology partnership and integration. The integrated solution combines Venafi Advanced Key Protect with nCipher nShield hardware security modules (HSMs) and can be used to scale the generation and protection of machine identities – even in complex, high‐security environments.

  • 5 years ago Posted in
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems. HSMs provide organizations with a trusted, proven and auditable way to secure these machine identities. However, many organizations create custom scripts and use other manual processes to generate keys, leaving them much more vulnerable to attack and introducing new risks to the global enterprise.

 

With the integration of Venafi Advanced Key Protect and nCipher nShield HSMs, organizations ensure the strongest cryptographic keys are always used across the enterprise. Featuring the same automation available in the Venafi Platform, TLS and SSL keys are generated centrally and securely within nShield HSMs. For even greater security, TLS keys remain on the nShield HSM throughout their entire life cycle – from key generation and certificate issuance to rekey and renewal processes.

“Our integration with nCipher nShield HSMs is easy to deploy, reduces errors and dramatically cuts the time and resources required to use SSL and TLS keys and certificates with HSMs,” said Kevin Bocek, chief cybersecurity strategist for Venafi. “Through our partnership with nCipher, we are providing organizations the ability to automate machine identity life cycles with the highest level of protection possible. This includes protection for the most popular web services in enterprises today such as Microsoft IIS, Apache and Java application servers. Our integrated solution also works immediately with all of the leading certificate authorities in the Venafi Technology Network.”

Key benefits of Venafi and nCipher’s integration include:

  • Improves policy and workflow controls that enable fast, automated orchestration of keys.
  • Significantly reduces the risk of keys being stolen from file systems, software certificate stores and system memory – including the risk from side-channel attacks such as Spectre and Meltdown.
  • Manages certificates and keys in a FIPS 1402 Level 2 and Common Criteria EAL4+ hardened, high-assurance environment.
  • Increases the number of strong keys generated from a NISTcertified random bit generator (RBG).
  • Orchestrates the use of HSMs under strict policy control across the enterprise.

 

“As our customers make the transition to increasingly digital environments, they need to trust the machines that are used across their networks to support critical business functions such as securing web transactions, privileged access and authenticating software code,” said Peter Galvin, chief strategy officer at nCipher Security. “If the identities of these machines are not authenticated and protected, then they are open to misuse by cybercriminals. Through a consistent use of strong cryptographic keys, Venafi and nCipher make it possible for customers to own and control the keys and certificates used to authenticate machine identities and establish trust in these digital transactions.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...