Lowering Business Risk with Trusted Keys and Certificates at a Leading Energy Company
Before Venafi: Manual management of known certificates; increased reliance on PKI—SSL/TLS, mobile devices, and multi-factor authentication; no visibility into root cause of outages.
After Venafi: Discovered over 2,500 keys and certificates, repaired undetected vulnerabilities; enabled “push-button” remediation; established charge-back revenue model for ops team.
Because of the critical nature of energy supplies, this leading energy company has a first-class security team dedicated to protecting its digital and physical assets. The team planned to increase the company’s reliance on Public Key Infrastructure (PKI), using certificates to secure web services, enable multifactor authentication, and secure VPN access and mobile devices.
To support these initiatives, the company knew it needed to replace its manual approach with something more automated. While only actively managing 50 certificates, they knew many more were “out there.” But without visibility or remediation, they were unable to manage and secure all of their keys and certificates. They realized that this would only get worse as the number of certificates grew.
The Venafi Difference
The company’s PKI team sought out Venafi after hearing that Venafi was named a “cool vendor” by Gartner. Using the Venafi platform, they found 2,500 keys and certificates—well beyond the 50 they were manually managing—and identified 500 of these as high risk. By providing a complete key and certificate inventory and detailed visibility, Venafi has become an integral part of the company’s security ecosystem, including API integration with other security appliances.
By using Venafi to secure its keys and certificates in its expanding PKI, the energy company is able to grow its reliance on PKI safely.