Protecting machine identities is an essential component of accelerating your digital transformation. Internet security tends to be one thing that many agree is essential—especially as we deepen our reliance on the internet and the machines that support our digital economy. That makes an extensive ecosystem of seamlessly connected security technologies so vital.
Venafi is extremely pleased that the Machine Identity Management Fund continues to attract the smartest minds to protect machine identities. As a result, our customers continue to expand their machine identity protection in new and impactful ways. That's the power of the Venafi ecosystem. That's the power of the Development Fund. That's why we're attracting more and more developers globally into the Fund.
This round of the Development Fund saw two new milestones:
- Second rounds: Based on their success, New Context and Jetstack returned to the Fund to further machine identity protection innovation.
- Jetstack joins Venafi: Used by thousands of businesses globally, Jetstack’s innovation and their success in the Venafi ecosystem led the Jetstack team to join Venafi in June!
The Machine Identity Management Development Fund has directly sponsored three new developers plus two returning developers in the second quarter of 2020. These experts in their field are creating integrations that accelerate the delivery of comprehensive protection for machine identities across microservices, DevOps, multi cloud environments and Internet of Things (IoT) networks. The newest developers to receive sponsorship from the Machine Identity Management Development Fund include:
- Anjuna Security [anjuna.io] a leader in the development of enterprise enclaves, will secure certificates and private keys issued and managed by Venafi. The enclave integration will protect machine identities from insiders who might have access to the hosts running backend applications, such as web-servers or databases. Secure enclaves are an industry standard backed by major CPU and cloud vendors that enable hardware level encryption of data in memory, on storage and across the network. Anjuna uses enclaves to encrypt private keys, so they are only accessible within the enclave running the application and can’t be stolen by attackers gaining access to the host. Anjuna, based in California, will integrate Venafi with the Anjuna Enterprise Enclaves.
- Filancore, a new startup in the fast-moving distributed application and ledger world, will build verifiable identities that uniquely demonstrate proof of ownership to solve the age-old problem—should a machine really own the identity it’s using. Today machine identity verification can only establish if a certificate is valid, not whether the machine is truly the machine that should being using the certificate. This project seeks to provide a means to globally define an undisputable link between a machine and its machine identity across different sites, networks and businesses. Filancore UG is headquartered in Germany.
- Jetstack, an innovator in the Kubernetes ecosystem, has built an enhanced cert-manager for machine identities in Kubernetes with enterprise features including custom fields, JKS and PKCS12 formats, and enabling TLS inspection workflows. cert-manager solves the production-ready requirements for machine identities in the Global 5000. With cert-manager, DevOps teams have an easier way to automate enterprise-approved machine identities with Kubernetes, and security teams have visibility and can maintain certificate policies. Jetstack is headquartered in the UK, participated in their second round of Development Fund sponsorship, and was recently acquired by Venafi.
- New Context, the security innovator for highly regulated industries such as energy, telecommunications, finance and government, is helping Venafi customers unite the worlds of DevOps and security where HashiCorp Vault and Datadog are being used. Now Venafi customers can push event data into the Datadog cloud for analysis with an Adaptable Log Channel driver that connects to Datadog. New Context has also built integrations that automate TLS certificates for applications using HashiCorp Vault provisioned from the Venafi Platform or a Go application that can be run from anywhere. New Context is based in California, and this is their second round of participation in the Development Fund.
- ServiceRocket, leaders in building apps for the Atlassian ecosystem, are building an Atlassian Self-Service Jira Plugin for the Venafi Platform that will be published to the Atlassian Marketplace. Today, security teams can’t give engineering and operations teams an easy way to deliver self-service for TLS machine identities when Atlassian Jira is the standard interface. Now there will be an out-of-the-box integration that makes it easy for engineers to access machine identities that enforce policies that are set in Venafi. This helps customers give more engineers access to machine identity management to eliminate errors, reduce risk, and increase compliance. ServiceRocket is co-headquartered in Australia and California.
“This is a monumental milestone in the Development Fund. Jetstack joined the Venafi team after we started working together two years in the Development Fund, and New Context participated in their second round after their first success last year,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “Venafi’s vision of a world where all machine identities are protected is closer to being realized with new integrations for Kubernetes, Atlassian Jira, Datadog, and HashiCorp Vault. And we’re exploring new levels of protection with secure enclaves and verifiable identities built on distributed ledger technology. All of this is why we started the Development Fund and will continue to lead in fostering new innovation for our customers.”