Archive for Keyfactor

Keyfactor Expands End-to-End Crypto Capabilities with SSH Key Management

Posted in Commentary with tags on September 8, 2020 by itnerd

Keyfactor, the leader in crypto-agility solutions, today announced the release of SSH Key Manager for Keyfactor Command, its complete certificate lifecycle automation and PKI as-a-Service platform. The solution replaces manual management methods, automating access and distribution of SSH (Secure Shell) keys across machines, applications and devices within the enterprise.

SSH keys are used to secure remote access to critical systems and applications. However, lack of adequate management and evolving cyber-attack vectors make SSH keys increasingly vulnerable to exploit. Developers and system administrators often generate SSH keys using default configurations, with many left unmanaged on the network and vulnerable to compromise.

As enterprises expand their use of cryptography to protect sensitive data and secure connections across the business, managing sensitive SSH keys, X.509 certificates and cryptographic keys – sometimes referred to as machine identities – becomes critical. Keyfactor enables customers to establish an end-to-end machine identity strategy, with a centralized platform to manage all keys and certificates in the organization.

According to Gartner, machine identity management “encompasses a number of technologies, that today remain mostly siloed (i.e., X.509 certificate management, SSH key management, as well as secrets and other crypto-key management).” Gartner advises security and risk management leaders focused on identity and access management (IAM) to “use full life cycle management or discovery-centric tools to audit the number of deployed machine identities; and to identify the potential risks from expiry and overall compliance.”*

SSH Key Manager for Keyfactor Command enables:

  • Reduced risk exposure – maintaining a real-time inventory of SSH keys and the ability to delete or rotate weak or inactive keys.
  • Complete visibility – allowing teams to find SSH keys and map trust relationships to users, machines and web services, whether on-premises or in the cloud.
  • Greater control – providing a simple dashboard to identify risks, assign key permissions and simplify audits with easy-to-generate reports.
  • Seamless automation – automating SSH key deployment as workloads are spun up in multi-cloud and CI/CD environments.

To learn more or to request a demo of the SSH Key Manager for Keyfactor Command, please visit:

*Gartner Hype Cycle for Identity and Access Management Technologies, 2020, 16 July 2020, Ant Allan

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Keyfactor Ranks Fastest Growing Digital Key & Certificate Automation Provider On Inc. 5000

Posted in Commentary with tags on August 18, 2020 by itnerd

Keyfactor, the leader in crypto-agility solutions, ranked as fastest growing digital key and certificate automation provider on the 2020 Inc. Magazine Inc. 5000, an annual ranking of America’s fastest growing private companies. The list represents a unique look at the most successful companies within America’s privately held business sector.

Noting Keyfactor’s momentum, in the past year the company:

  • Welcomed its 500th customer to the Keyfactor platform, a five-fold increase since 2018
  • Secured more than 500 million digital certificates under management
  • Announced partnerships and integrations with innovators such as HashiCorp, ServiceNow, F5, CyberArk, PrimeKey and Thales
  • Earned recognition as a Sample Vendor for Machine Identity Management in Gartner’s Hype Cycle for Identity and Access Management Technologies, 2020 (Authored by Ant Allan, Published 16 July 2020)

The 2020 Inc. 5000 is ranked according to percentage revenue growth when comparing 2016 and 2019. Not only have the companies on the 2020 Inc. 5000 been very competitive within their markets, but the list as a whole shows staggering growth compared with prior lists as well. 

Complete results of the 2020 Inc. 5000 can be found at

Keyfactor & PrimeKey Partner To Enable Highly Scalable PKI

Posted in Commentary with tags on June 23, 2020 by itnerd

Keyfactor, the leader in securing digital identities, and PrimeKey, a leading provider of open-source public key infrastructure (PKI) and digital signature solutions, today announced a partnership and integration to simplify and automate PKI for large-scale enterprise and internet of things (IoT) deployments.

Enterprises today – and a growing number of connected device manufacturers – rely on PKI to enable digital security. Enterprise security teams and IoT product developers issue trusted and unique identities necessary to protect sensitive data, ensure uptime and secure connections across cloud services and connected devices.

PrimeKey delivers a uniquely scalable and flexible alternative to existing certificate authority (CA) software, providing turnkey PKI solutions for governments, financial institutions and thousands of global enterprises. As a pioneer in open-source PKI, PrimeKey’s solutions address a range of digital identity use cases such as IoT, e-ID and e-Passports, as well as PKI migration and consolidation.

Enterprises today use a mix of public and private CAs to support PKI, yet ever-increasing certificate volumes are a challenge to manage across multiple CA-provided tools. Using an API-based gateway, Keyfactor’s certificate management solution (Keyfactor Command) integrates with PrimeKey’s PKI (EJBCA Enterprise), providing end-to-end visibility and automation to all private and publicly issued certificates within a single, purpose-built platform.

Additionally, the integration between EJBCA Enterprise and Keyfactor’s end-to-end identity platform for connected devices (Keyfactor Control) makes it easy and affordable for IoT device manufacturers to embed trusted identity into their IoT products at design, and secure firmware and software updates through the device lifecycle. 

To learn more about the integration, visit:

Keyfactor Announces wolfSSL Partnership At The RSA Conference

Posted in Commentary with tags on February 25, 2020 by itnerd

Keyfactor today announced at the RSA Conference its partnership and technology integration with SSL/TLS crypto-library provider wolfSSL. The integration provides greater security control to IoT (Internet of Things) device manufacturers at design and through a product’s lifetime.

Recent research analyzed IoT device vulnerabilities, emphasizing inherent design constraints and limited entropy as critical factors contributing to IoT device security risks. Solid yet flexible cryptographic libraries are critical in ensuring embedded and connected IoT devices can scale with evolving security requirements and best practices.

The integration combines wolfSSL crypto libraries with Keyfactor PKI-as-a-Service and certificate lifecycle management to secure next gen connected IoT devices. Keyfactor Control enables device designers and manufacturers to leverage technology and PKI to continuously replace, manage and update cryptography on IoT devices, while wolfSSL SSL/TLS libraries support resource constrained IoT systems across industrial control systems, medical devices and connected vehicles.

WolfSSL and Keyfactor will introduce the partnership and integration at 4:00pm on February 25th and 26th in the South Hall at Booth #3211 at RSAC in San Francisco.


Keyfactor Launches Global Partner Network

Posted in Commentary with tags on February 20, 2020 by itnerd

Keyfactor, the leader in securing digital identities, today announced the launch of the Keyfactor Partner Network, its global channel partner program, and the appointment of BJ Ferguson as head of global channel sales and operations

The Keyfactor Partner Network includes solutions providers, strategic OEM and distribution alliances, custom systems integrators and strategic technology integrations providers. Qualifying partners benefit from a trusted transaction approach, aggressive sales margins and extensive support with access to education, certification programs and marketing development funds.

New research found only 38% of enterprise respondents have enough IT security staff members dedicated to PKI deployment, and that program responsibility is dispersed across IT operations (21%) and other lines of business (19%). Lack of defined ownership and disparate tool use is driving security risk, with 73% of businesses reporting unplanned downtime and outages due to mismanaged digital certificates, a core component within PKI.

For more information about the Keyfactor Partner Network, visit:


60% of Enterprise Ill-equipped to Detect and Respond to Public Key Infrastructure (PKI) Degradation or Breach: Keyfactor

Posted in Commentary with tags on February 11, 2020 by itnerd

Keyfactor and Ponemon Institute today released the 2020 edition of “The Impact of Unsecured Digital Identities,” a benchmark report exploring enterprises’ ability to manage increasing numbers of cryptographic keys and digital certificates securing network connections.

Digital certificates and keys ensure authenticity across enterprise user, application and device identities. Cryptographic algorithms encrypt the data associated with those identities, providing secure communication and exploit protection. Two-thirds of respondents say their organization is adding additional layers of encryption to comply with industry regulations and IT policies; however, shorter certificate validity has doubled the management workload on short-staffed IT and security teams.

Additional key findings:

  • Connected IoT increasing risk: 60% say they’re adding additional layers of encryption technologies to secure IoT devices, but 46% admit low ability to maintain IoT device identities and cryptography over device lifetime.
  • A rise in security incidents: on average, organizations have experienced a Certificate Authority (CA) or rogue man-in-the-middle (MITM) and/or phishing attack five times in the last 24 months, with a 40% likelihood of a MITM or phishing attack over the next 24 months; 73% of respondents admitted that digital certificates have and continue to cause unplanned downtime and outages.
  • Staffing shortages: on average, 16% of the IT security budget is spent on PKI deployment annually, yet just 38% of respondents say their organization has enough IT security staff members dedicated to PKI deployment.
  • Cryptography related security incidents undermine trust: 76% of respondents say failure to secure keys and certificates undermines the trust their organization relies upon to operate.
  • Cryptography lacks a center of excellence: Despite the rising cost of PKI and growth of cryptography-related incidents, just 60% of companies have the ability to drive enterprise-wide best practices.

The study was conducted by Ponemon Institute on behalf of Keyfactor and included responses from more than 600 IT and infosec executives and practitioners in the United States and Canada across 14 industries, including financial services, healthcare, manufacturing, retail and automotive.


Keyfactor Announces DevOps Integrations With Ansible, Docker, HashiCorp, Jenkins and Kubernetes

Posted in Commentary with tags on January 21, 2020 by itnerd

Keyfactor today announced DevOps integrations with automation and containerization industry leaders Ansible, Docker, HashiCorp, Jenkins and Kubernetes to offer security-first services and solutions designed to seamlessly integrate with existing enterprise tools and applications.

A rise in cryptographic-based attacks, like last year’s ASUS attack, exploit third-party software and its digital certificates, allowing attackers to connect to sensitive backend systems or push malware through updater tools. Recent research indicates a 39% likelihood that organizations will experience a similar server certificate or key misuse incident over the next two years.

According to research firm Gartner Inc., “proper secrets management, including certificate and key management, is crucial to security agile applications.”1

Digital certificates have long played an integral – if not routine – role in DevOps workflows, securing authentication across users, devices and applications. The secure identities the certificates establish reinforce key DevOps practices within infrastructure, pipeline, code and microservices integration, thereby bridging the DevSecOps gap and the ability to mitigate security risk.

Keyfactor offers cloud-hosted PKI-as-a-Service infrastructure through integrated certificate and key management, secure signing and secure IoT device design. The platform provides discovery, integration and orchestration capabilities, enabling teams to gain complete crypto-agility, extensibility and visibility.

Researchers Identify Serious RSA Certificate Vulnerability

Posted in Commentary with tags on December 16, 2019 by itnerd

Keyfactor today announced research findings identifying a vulnerability across active RSA certificates. RSA certificates and the RSA algorithm are commonly used to securely transmit data to a remote source. Using minimal computing resources, researchers were able to collect and analyze 175 million RSA certificates and keys used to protect real-world Internet traffic.

The active and publicly available RSA keys (which consist of the product of two large, randomly chosen primes) were mined to identity common factors. Any keys sharing one of their prime factors with another key are compromised by this technique. The analysis found over 435,000 certificates with a shared factor, with researchers able to rederive the private key.

When these devices include medical implants and cars, the impact of the malfunction can be devastating. The research stresses the importance of security best practices, random number generation for connected systems and use of cryptography to securely install firmware and software updates through the lifecycle of the device.

Researchers built a database of 75 million active RSA keys using Keyfactor’s proprietary SSL/TLS certificate discovery capabilities. The dataset was augmented using 100 million certificates available through certificate transparency logs and analyzed on a single virtual machine in Microsoft Azure, using Keyfactor’s scalable GCD algorithm to find shared factors. The findings were released at the First IEEE Conference on Trust, Privacy and Security in Intelligent Systems and Applications.

To download a copy of the research paper, please click here.

Keyfactor Brings Enhanced Security for Cloud, DevOps and IoT

Posted in Commentary with tags on November 19, 2019 by itnerd

Keyfactor, the leader in securing digital identities, today announced the latest update to its award-winning PKI (public key infrastructure) as-a-service and certificate lifecycle automation solution, Keyfactor Command. The offering supports information security, IT and DevOps teams juggling security priorities, regulatory demands and digital transformation.

In a recent survey, 44 percent of security and IT professionals indicated that lack of skills and expertise is the greatest challenge they face in managing their organization’s PKI, with 37 percent of respondents citing the secure adoption of DevOps, cloud and IoT as a primary concern.

According to Gartner Inc., the world’s leading research and advisory company, “technical professionals tasked with delivering effective identity and access management (IAM) capabilities should: establish a PKI management regime and leverage certificate management tools to manage and monitor SSL/TLS certificates, and focus on enabling automatic outage detection and mitigation, compliance and policy requirements and crypto-agility.”

We believe Keyfactor provides the most complete PKI operations solution delivered from the cloud, enabling both enterprise security teams and IoT device manufacturers to operate end-to-end agile digital identity management. This release includes improvements to discovery and auditing across the entire digital certificate landscape – critical capabilities required to meet regulatory and security mandates.

Key advancements include:

  • Secure Automation – Integrates with CyberArk to enable secure access to privileged accounts required for certificate and key lifecycle automation.
  • Improved Tracking and Auditing – Enables auditors to retrieve a complete audit log of every user activity and configuration change within the platform.
  • Extended Discovery – Expands certificate discovery capabilities with support for Server Name Indication (SNI).
  • Enhanced Reporting – Includes a new, expanded library of pre-packaged and customizable reports.

For more information about Keyfactor Command 7, please visit:

For more information about Keyfactor and its services, please visit:


Canadian Cybersecurity Legislation Lacking: Keyfactor Survey

Posted in Commentary with tags on October 18, 2019 by itnerd

In a survey released today, Keyfactor, a leading provider of secure digital identity management solutions, revealed that 87% of surveyed cybersecurity professionals think more privacy and security legislation is required to better protect Canada’s businesses and consumers.

According to the survey, 58% of respondents think regulators and elected Canadian officials are not doing enough to standardize security guidance on measures like data encryption.

Public Key Infrastructure (PKI) is a tried and tested security tool that protects digital identities across people, software and technology. However, PKI management remains a manual process for many organizations.

The survey also found that:

  • 50% of respondents cite manual and complex processes as their greatest challenge in managing PKI
  • 43% of respondents were most concerned about their ability to securely adopt DevOps, cloud and IoT

Survey results were gathered through surveys conducted with IT security professionals at SecTor, Canada’s premier IT security education conference. For a complete list of survey results, please visit: