Venafi Debuts Scalable Security Solution for Hardware Security Modules

Venafi Advanced Key Protect integrates with Thales and Gemalto, ensuring consistent use of strong cryptographic keys

SALT LAKE CITY--()--Venafi®, the leading provider of machine identity protection, today announced the debut of Venafi Advanced Key Protect, a new solution that allows users to generate strong encryption keys from a central hardware security module (HSM). Venafi Advanced Key Protect integrates with industry-leading HSMs, including Thales and Gemalto, allowing customers to ensure consistent use of strong cryptographic keys throughout the enterprise.

“In the age of security risks like Meltdown and Spectre, the threats against machine identities cannot be understated,” said Kevin Bocek, vice president for security strategy and threat intelligence at Venafi. “Harnessing the power of HSM key generation to improve security has been time-consuming, expensive and error-prone. Now with Venafi Advanced Key Protect, security teams no longer need to trade off speed and crypto-agility for compliance. Venafi is excited to work with our HSM partners to deliver this powerful innovation to our mutual customers.”

As the number of vulnerabilities and attacks targeting encryption keys increases, it is imperative that enterprises utilize stronger keys. Because organizations that deploy HSMs lack the ability to manage their keys centrally, it is difficult to consistently enforce enterprise policy controls. Lack of central management capabilities also makes automation of the entire key life cycle problematic. To address this issue, many organizations create custom scripts that require ongoing maintenance or use manual, error-prone processes.

Venafi Advanced Key Protect delivers an out-of-the-box solution that overcomes these challenges. As an add-on module to the Venafi Platform, the security solution applies policy and workflow controls that enable fast, automated key orchestration. Together, these capabilities make it possible for enterprises to ensure they consistently use the strongest cryptographic keys possible.

Key benefits of Venafi Advanced Key Protect include:

  • Out-of-the-box compliance with enterprise policies and industry regulations, including Payment Card Industry Data Security Standard (PCI DSS) 3.6.1 and 3.6.3.
  • Automation of strong centrally generated keys across the entire extended enterprise.
  • Ability to maintain private keys under strict policy controls in a secure, centralized location.
  • Dramatic reduction of risk of compromise via side-channel attacks, including Spectre and Meltdown.

“It’s critical for businesses in tightly regulated sectors, such as financial services and healthcare, to secure their machine identities,” said Hari Nair, director of product management and cryptographic researcher at Venafi. “With Venafi Advanced Key Protect, organizations can leverage the power of HSMs to generate and guard strong machine identities. This capability is essential for securing communications within and outside of the enterprise.”


Webpage: Venafi Advanced Key Protect

Datasheet: Delivering Scalable Private Key Security with Hardware Security Module Leaders

About Venafi

Venafi is the cybersecurity market leader in machine identity protection, securing connections and communications between machines. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise —on premises, mobile, virtual, cloud and IoT — at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations, including the top five U.S. health insurers; the top five U.S. airlines; four of the top five U.S., U.K. and South African banks; and four of the top five U.S. retailers. For more information, visit:


Shelley Boose, 408-398-6987

Release Summary

Venafi Advanced Key Protect integrates with industry-leading HSMs and allows customers to ensure consistent use of strong cryptographic keys


Shelley Boose, 408-398-6987