Machine identities are exploding, and attackers are looking to misuse them every day. Venafi is committed to enabling our customers to protect their business-critical applications, and to support this effort, we created the Machine Identity Protection Development Fund. With $12.5 Million, the Fund sponsors the development of integrations with the Venafi Platform over the coming years, accelerating the expansion of the Venafi ecosystem.
In just six months since the Development Fund’s inception, eleven companies are building integrations with the Venafi platform. Many of the funded developers were present at the 2019 Venafi Global Customer Summit in Orlando, and I had the pleasure of getting to know them and learning about the exciting plans they have for the Venafi Platform.
In this first interview series, I am speaking with Waldemar Rosenfeld who is a Product Manager at APIIDA in Germany.
Bridget: What does APIIDA do?
Waldemar: APIIDA helps customers to develop, implement and operate tailored security concepts. As you can already see in our company’s name, we focus on API and IDA, which means Identity & Access Management. The APIIDA API Gateway Manager complements the Broadcom Layer 7 API Gateway, the leading API Management solution by Broadcom. It enables organizations to monitor and manage multiple API Gateway instances in distributed environments. It makes it easy and reliable!
Bridget: As part of the Development Fund, what’s the machine identity protection challenge you are seeking to solve?
Waldemar: API gateways are important ingredients to Global 5000 DevOps, cloud, PSD2, and digital transformation strategies. API gateways use large numbers of machine identities, TLS keys and digital certificates, to establish trust and privacy. But API gateways, including Broadcom Layer 7 API Gateways, do not include machine identity protection to provide security teams the intelligence of how machine identities are being used. Nor do they provide network operations teams with the automation to eliminate time-consuming and error-prone TLS certificate lifecycle functions.
Bridget: How is APIIDA going to solve this challenge?
Waldemar: Venafi customers need a current, supported driver in order to integrate the Broadcom API Gateway with machine identity protection. So, APIIDA is building an Adaptable Driver as initial integration. We will also integrate Venafi into the APIIDA API Gateway Manager in order to have fully automated machine identity integration.
Bridget: Describe the new world for customers when the API Gateway management integrations are complete.
Waldemar: Right now, API gateways do not include automation for machine identities and operate as standalone instances. This results in significant operational costs and risks. Our goal is to change that! With the fund sponsorship, APIIDA is going to deliver two main benefits for Venafi customers. The first benefit is that APIIDA will build an integration for Venafi customers that are already using the Adaptable Application Driver. This will also support API Gateways with the REST API interface. A second benefit is that we will also integrate the APIIDA API Gateway Manager with the Venafi Platform. This will support automation of machine identities for a longer list of API gateways.
APIIDA’s API Gateway Automation integrations are targeted to be complete midyear for the Adaptable Driver and later this year for the APIIDA API Gateway Manager integration. Visit APIIDA on the Venafi Marketplace for more information and to download their Adaptable Driver. And stay tuned for future interviews with Machine Identity Protection Development Fund recipients.