
A Light-hearted Look at Machine Identities [Newbie Perspective]

March 31, 2022 | Camille St. Regis

As a new team member at Venafi, understanding machine identities and the importance of properly managing them required a fair amount of imagination. So, I just decided to follow my fancy and think about fun new ways to explore machine identity management. I hope you’ll enjoy my light-hearted flight of fantasy. I’ll share it with you here.  


For a recovered young adult fantasy novel addict, the world of machine identities presented itself as an exciting new realm to explore. My first stop on the journey to understand machine identities was Kubernetes. Even though I was just beginning to learn to steer the ship [pun intended], I had started with the most modern application for machine identities: container security. There were many new concepts to absorb, but that one, in particular, necessitated a trip to Google and several panicked virtual meetings with peers. 

Looking back, researching Kubernetes helped me understand how much I had to learn before I could fully comprehend the space Venafi occupies. It was the epitome of abstraction and a kind of chaotic deity of certificate creation, proliferating rapidly and running around unmanaged in many cases. Eventually, I was able to grasp that our solution for managing cloud-native certificates, Jetstack Secure, was just what harried InfoSec teams needed to tame the uproarious winds of certificates in Kubernetes and OpenShift environments.   

Making sense of the Venafi portfolio

Once I had carved out a mental space for Kubernetes and related concepts to occupy, I still needed to make sense of the different products in the Venafi portfolio, all of which seemed to blur together due to their conceptual presentation. It felt maddening to attempt to understand the difference between TLS certificates and SSH keys. Then there was code-signing. And the patriarch of them all, the Trust Protection Platform—watching over all the different types of warriors. To fully differentiate between all these types of machine identities, I needed to explore these seemingly mythical creatures separately to fully understand their distinguishing characteristics. 

TLS certificates still appear to me like a shapeshifting entity; settling on a stable and fitting mental image has proved a difficult feat for my mind. However, when I compare TLS certificates to SSH keys, one clear difference emerges: one is more ephemeral and the other possesses eternal life. TLS certificates “shapeshift” because they have short lifespans and must be replaced often. SSH keys are immortal genie-types; if Jafar got ahold of them, they could be used for nefarious activity. Unlike the other two, code-signing machine identities evoke a rather simple visual: a signature (or fingerprint, or a blood sample, or a tooth imprint).

The most enlightening piece of information about our product line came from Venafi CEO, Jeff Hudson. He explained that he coined the slogan “fastsecure” after musing on the function of a bicycle helmet. Because he could be assured of his safety while wearing that helmet, he was able to navigate steep downhills at great speeds. He sees the same type of scenario playing out with machine identity management every day. For me, I found his way of integrating his work with his everyday life inspiring. Maybe one day I’ll no longer see the world of machine identities as a parallel fantasy realm, but as part of my own reality as well.
