TechValidate Research on Venafi

These pages present data that TechValidate has sourced via direct research with verified customers and users of Venafi. TechValidate stands behind the authenticity of all published data. Learn more »



768 Customers Surveyed

6,176 Data Points Collected

118 Published TechFacts

32 Published Charts

47 Published Case Studies



Selected Research Highlights


Venafi Customer Research

Financial Services: Over Half Manually Track Keys and Certificates

How did you manage your keys and certificates before Venafi?

Manual tracking and management (e.g.,spreadsheet)
56%
Internal scripts / home-grown solution
31%
External certificate authority
6%
Other
6%

Venafi Customer Statistic

Policy Enforcement with Venafi Improves Security

69% of surveyed IT security professionals agree that policy enforcement with Venafi automation helped improve security.

Case Study: Large Enterprise Financial Services Company

Introduction

This case study of a large enterprise financial services company is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi is the only player in this market that has a good understanding of managing certificates.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problem solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustAuthority Mobile
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Venafi Customer Research

Before Machine Identity Protection

How did you manage your keys and certificates before Venafi?

Manual tracking and management (e.g. spreadsheet, database): 51%
Internal scripts / home-grown solution: 26%
CA dashboard or CA management tools: 16%
Other: 7%

Venafi Customer Satisfaction Rating

Dave Lewis, an IT Systems Analyst at Yorkshire Building Society, would be very likely to recommend Venafi for this reason:

Key management in a
nutshell.

Venafi Case Study

Equifax

Introduction

This case study of Equifax is based on an April 2017 survey of Venafi customers by TechValidate, a 3rd-party research service.

“I love the integration with load balancers like F5 and Netscalers. And most of the admins are now centralized in one place, with less exposure and fewer risks related to outages.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Venafi:

  • Overcame the following challenges after using Venafi automation:
    • Automating the entire certificate lifecycle to improve security
    • Reducing risk by eliminating manual processes for vulnerability remediation
    • Distributing keys and certificates to security technologies for visibility / inspection
  • Experienced the following operational challenges before using Venafi:
    • High costs of certificate lifecycle management
    • Ineffective use of IT personnel
    • Slower delivery because of a lack of API integration with DevOps or cloud services
    • Missed or lengthy Internal SLAs for certificate-dependent IT services
    • Impacts on reliability and/or availability because they had no visibility into certificate expiry periods
  • Faced the following security challenges before using Venafi:
    • Increasing risk because keys and certificates rotated at annual or longer intervals
    • Being limited to reactive, instead of proactive, security because they didn’t have a policy enforcement

Use Case

The key features and functionalities of Venafi that the surveyed company uses:

  • Uses Venafi key and certificate automation for:
    • Automated certificate management
    • Scalability of certificate distribution for deployment of encryption-dependent technologies
    • Incident response

Results

The surveyed company achieved the following results with Venafi:

  • Agrees that Venafi helped them make better use of dynamic IT services by using APIs to automate support for DevOps platforms
  • Went from 50 people managing their PKI before using Venafi to 10 people after using Venafi automation.
  • Venafi automation helped improve security with:
    • Policy enforcement
    • Workflow for accountability
    • Automatic certificate revocation when services are no longer in use


More to Explore



About Venafi

Venafi is the cybersecurity market leader in machine identity protection, securing the cryptographic keys and digital certificates on which every business and government depends to deliver safe machine-to-machine communication. Organizations use Venafi key and certificate security to protect communications, commerce, critical systems and data, and mobile and user access.

  Venafi Website