Venafi Signs Agreement with GlobalSign for Security Expansion in DevOps

By CIOReview | Friday, May 24, 2019
Jeff Hudson, CEO, Venafi

Jeff Hudson, CEO, Venafi

FREMONT, CA – Venafi, the premier developer of machine identity protection solutions, penned an agreement with GMO GlobalSign, a global certificate authority and a leading provider of identity and security solutions for the internet of things (IoT), to address the challenges in DevOps. According to the partnership agreement, Venafi integrated its cloud with GlobalSign PKI solutions to automate the procurement and installation of digital certificates.

The integration offers DevOps teams with seamless access into trusted machine identities over multiple clouds, hybrid infrastructure, and containerized environments.  It provides standardized and automated SSL/TLS certificates that support company policy without compromising on the security. Developers and information teams can leverage GlobalSign’s cloud-based PKI services. The simplified process will eliminate the need to build and manage online certificate status protocol (OCSP) and certificate revocation lists (CRL).

Venafi cloud provides advanced integration solutions to the DevOps teams, including SaltStack, Docker, HashiCorp Terraform, HashiCorp Vault, Jetstack cert-manager, and Ansible. The integration also offers standard interfaces such as REST API, Vcert SDK, and ACME for cross-team utilization. It has provided enterprises with a single service for machine identities in different clouds and hybrid infrastructure, thus increasing the effectiveness of DevOps. 

The service leverages cryptographic keys to act as machine identities, forming the security foundation for the enterprise network applications and cloud environment. The rising demand for DevOps has increased the requirement of machine identities. Also, the lack of uniform standards in the procurement of machine identities has added to the challenges faced by enterprises.

However, the integration of GlobalSign’s scalable PKI service with Venafi Cloud eliminates machine identity risks plaguing DevOps and cloud environments. Besides, it facilitates quick and seamless automation of TLS certificates, whether it is an integration or API. The total visibility offered by Venafi ensures the use of trusted certificates, promoting flexible machine identity protection.

The integration of Venafi Cloud and GlobalSign allows prompt certificate issuance and delivery. The certificate issuance is embedded into the existing tools such as configuration management, release automation, container orchestration, and secrets management tools. The automation of certificate lifecycle prevents outages and eliminates errors, enforcing seamless security policies with DevOps. The integration fully complies with the payment card industry data security standard (PCI DSS), national institute of standards and technology (NIST), health insurance portability and accountability act (HIPAA), and other audit frameworks.