fotogestoeber - Fotolia
Machine identity protection development gets funding boost
Cyber security firm Venafi has launched a development fund aimed at accelerating the delivery of protection for machine identities
Venafi has launched a machine identity protection development fund during its Machine Identity Protection Live virtual event that aims to provide insight and education on protecting machine identity.
The first $12.5m tranche of the fund provides developers with direct sponsorship from Venafi to help accelerate the delivery of comprehensive protection for all machine identities, which includes the cryptographic assets that enable and secure private communication between machines.
The fund will sponsor a range of developers, including consultants, systems integrators, fast-moving startups, Open Source developers and other cyber security suppliers.
Funded developers will create integrations that ensure every new machine identity is automatically updated in the Venafi Platform.
The launch comes just a week after mobile network operator O2’s 4G outage was caused by an expired digital certificate, and headset software firm Sennheiser addressing a vulnerability in a root certificate.
Venafi’s Machine Identity Protection Development Fund aims to address issues such as these directly, by building a community of funded developers to accelerate industry’s ability to protect machine identities, including hardware, software, platforms, containers, algorithms, apps and websites that are used by consumers and businesses on a daily basis.
Unlike other funds, Venafi said it was not a referral programme to third parties like venture capitalists (VCs) or private equity partners. Instead, the fund provides direct sponsorship from Venafi to incentivise developers to build integrations that speed up the industry’s ability to protect all machine identities.
The fund will initially focus on integrations with DevOps tools and frameworks, cloud providers and data visualisation providers. At the same time, Venafi said it also wants to ensure future needs are met by building machine identity protection into new product development around such emerging technologies as code signing, blockchain, internet of things (IoT) and artificial intelligence/machine learning.
“The Machine Identity Protection Development Fund is the next logical step for cyber security,” said Kevin Bocek, vice-president of security strategy and threat intelligence for Venafi.
“While we spend over $8bn protecting the identities of humans on our networks, we invest very little in time, resources and money to safeguard the identities of machines, especially those used in the cloud, in DevOps environments and on IoT devices.
“As the volume, velocity, variety and volatility of machines continue to increase, the need for comprehensive machine identity protection grows exponentially. By providing developers with direct sponsorship, Venafi is accelerating the rate at which these complex problems are solved for the Global 5000 and, at the same time, expanding their strong, thriving partner ecosystem,” he said.
Sponsored developments
At Machine Identity Protection Live, Venafi also named the first three developers to receive sponsorships. These are UK-based Jetstack and OpenCredo, and US-based Cygnacom.
Jetstack, an open source developer and innovator that helps organisations deploy Kubernetes at scale in production environments, will use the funds to make its cert-manager automation framework ready for production workloads with transport layer security (TLS) machine identities that are delivered and secured by the Venafi Platform.
This will allow DevOps teams that use Kubernetes to move quickly, while security teams can rest assured that enterprise security policies for machine identities are being enforced. Using the Venafi Platform, Jetstack will achieve another industry first: enabling security administrators to validate and audit the current state of certificates used in Kubernetes. This is something that cannot be accomplished by humans or traditional network scanners in dynamic microservices and containerised environments.
OpenCredo, a software consultancy specialising in machine learning, cloud and DevOps applications, will use the funds to create the industry’s first open source Kafka connector for secure socket shell (SSH) network protocol. The connector will use machine identity intelligence from the Venafi Platform to feed graph databases. This will enable organisations to identify SSH machine identity risks, vulnerabilities and anomalies in real time.
Cygnacom, a global leader in developing and deploying public key infrastructure (PKI) and identity and access management (IAM) for security-conscious government and commercial organisations, is using the Venafi Adaptable Certificate Authority Driver interface. Cygnacom used the interface to build eConnector, which integrates Entrust Authority Security Manager for PKI with the Venafi Platform and is used in production by Venafi customers. Cygnacom will use the funds to extend its eConnector product line and automate the machine identity lifecycle for IBM System Z mainframes running RACF CA.
Venafi said the Machine Identity Protection Development Fund aimed to encourage recipients to build integrations that deliver greater visibility, intelligence and automation across any technology that creates or consumes machine identities, cloud and hybrid cloud infrastructure, DevOps, containerisation, SSH, code-signing, enterprise mobility management (EMM), mobile device management (MDM), artificial intelligence, machine learning, big data analytics, IoT and blockchain distributed ledger technology.
Read more about machine identity
- Managing machine identities is looming as the next big security challenge, a study reveals, with few organisations capable of protecting them as they increasingly form the basis of online communications.
- Identity and access management for service, machine and application accounts is as important as it is for individuals, so be sure your IAM strategy considers so-called non-users.
- Organisations are starting to understand that “identity” has not been addressed in the full enterprise stack because there is no common standard for machine identity, access control and management, or audit across a multiplicity of platform components.