A few weeks ago, Venafi introduced Advanced Key Protect, an add-on module for the Venafi Platform that integrates with HSMs to provide strong keys and key storage. This new module integrates the Venafi Platform with Thales and Gemalto HSMs, and provides tremendous value to organizations who currently use products from either company.
HSMs provide the strongest key generation on the market. These keys are generated with high entropy, also referred to as randomness and they are more difficult to break than keys generated by other means. I see this as more options for customers to choose the level of security they require.
Additionally, Advanced Key Protect can also use the HSM for key storage. Many customers have difficulties maintaining keys that are used to generate certificates because they are often stored in flat files with the applications themselves. Customers have long used the Venafi Platform to centrally store and manage keys so they aren’t vulnerable to accidental deletion, copying, and are easier to revoke and replace quickly if necessary. With Advanced Key Protect, customers can now use their HSMs to generate and store keys securely – the keys never leave the HSM.
I had a wonderful conversation with my counterpart at Thales last week at RSA (disclaimer, he’s also an old friend) and he mentioned how wonderful this new product was to our mutual customers. It truly does extend the value of the security infrastructure our customers have already purchased. What’s more is that Venafi chose to integrate with leading HSMs rather than build another solution in-house to reduce the amount of disparate solutions our customers have. Integration is key to building a best-in-breed security solution.
Although this new module requires the Venafi Platform and either a Thales or Gemalto HSM, it provides tremendous value to existing customers who currently own both products. If you are an HSM owner and want to learn more about Venafi products, please don’t hesitate to set up a call.