TechValidate Research on Venafi

47 Case Studies – Page 1 of 2


Venafi Case Study

Southwest Airlines Uses Venafi to Prevent Certificate-Related Outages

Introduction

This case study of Southwest Airlines Co. is based on a July 2019 survey of Venafi customers by TechValidate, a 3rd-party research service.

It’s easy to track and manage certs using Venafi. Being able to have expiration notifications sent via email and using the API to integrate with our ticketing system, I don’t have to manually open hundreds of tickets.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Venafi:

  • Managed their keys and certificates with manual tracking and management (e.g. spreadsheet, database) prior to Venafi.
  • On average, had 1-5 unplanned certificate-related outages a year before using Venafi.
  • Up to 25% of outages that were certificate-related affected their business-critical infrastructure.
  • Experienced, on average, between 1-4 hours downtime per certificate-related outage.

Use Case

The key features and functionalities of Venafi that the surveyed company uses:

  • Currently uses 10,001 – 20,000 certificates (internal and external).
  • Expects to see a 51 – 100% growth in the use of certificates in the coming 12 months.

Results

The surveyed company achieved the following results with Venafi:

  • Found 300 additional SSL/TLS keys and certificates using Venafi that were previously unknown.
  • System administrator can get a new or renewed certificate in 1 hour or less since deploying Venafi.
  • Top Venafi benefits that have helped the organization prevent and remediate certificate-related outages:
    • Continuous detection and monitoring of certificates
    • Centralized repository and management of certificates
    • Self-service capabilities for system administrators
    • Automated certificate lifecycle management
    • Policy enforcement (including certificate expiration periods, CA usage, group ownership, etc.)
    • Workflow integration for accountability
    • Notifications and escalations of impending certificate expirations

Venafi Case Study

Delta Air Lines Enforces Security Policies Across CAs Using Venafi

Introduction

This case study of Delta Air Lines is based on an October 2017 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi is exceptional in helping to manage all certificates in our environment and helps us ensure that our security policies are not being violated.”

Challenges

  • Delta Air Lines experienced the challenge of managing and enforcing policy across multiple CAs which led them to evaluate and ultimately select Venafi
  • They applied these practices prior to using Venafi:
    • Used an ad hoc approach based on the current need to select certificate authorities (CAs)
    • Used manual tracking and management (spreadsheet, database) to manage their keys and certificates
    • Were only somewhat effective at enforcing CA policies

Use Case

Delta Air Lines uses Venafi in the following ways to enable more flexible certificate authority (CA) usage:

  • Improve visibility across CAs and certificates
  • Deliver consistent policy enforcement across CAs

Results

Delta Air Lines achieved the following results with Venafi:

  • Venafi has increased their visibility into unauthorized CA usage.
  • They have also realized the following benefits from Venafi:
    • Better security through consistent policy enforcement across CAs
    • The flexibility to change or remove CAs
    • Better incident responses to CA compromises
    • Better global visibility to respond to an outage or breach
  • They estimate that with Venafi, it takes 1 hour or less for a system administrator to get a new or renewed certificate.

Venafi Case Study

Bank of Montreal

Introduction

This case study of Bank of Montreal is based on an October 2017 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi automation brought efficiency and mitigated security risks due to expired certs. Venafi delivers dependable support and an awesome application.”

Challenges

  • The Bank of Montreal experienced the following challenges which led them to evaluate and ultimately select Venafi:
    • An inability to change, remove, or add CAs
    • Managing and enforcing policy across multiple CAs
    • Not being aware of all certificates in use
  • They applied these practices prior to using Venafi:
    • Let departments and system administrators select their own certificate authorities (CAs)
    • Used a CA dashboard or CA management tools to manage their keys and certificates
    • Were only somewhat effective at enforcing CA policies before using Venafi

Use Case

The Bank of Montreal uses Venafi in the following ways to enable more flexible certificate authority (CA) usage:

  • Improve visibility across CAs and certificates
  • Centralize CA management
  • Automate certificate lifecycles for more than one CA
  • Migrate quickly to a different CA
  • Replace certificates quickly and securely regardless of the issuing CA

Results

The Bank of Montreal achieved the following results with Venafi:

  • Venafi has increased their visibility into unauthorized CA usage.
  • They have also realized the following benefits from Venafi:
    • Better security through consistent policy enforcement across CAs
    • The flexibility to change or remove CAs
  • They estimate that with Venafi, it takes 1 hour or less for a system administrator to get a new or renewed certificate.

Venafi Case Study

Leading Airline Prevents Certificate-related Outages with Venafi

Introduction

This case study of a large enterprise transportation services company is based on an October 2016 survey of Venafi customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“A product that solves a real need for our organization and improves with each upgrade.”

Use Case

The key features and functionalities of Venafi that the surveyed company uses:

  • Currently uses 50,001 – 100,000 certificates (internal and external).
  • Expects to see a 51 – 100% growth in the use of certificates in the coming 12 months.

Results

The surveyed company achieved the following results with Venafi:

  • Characterization of outages since deploying Venafi:
    • Had zero outages
  • Top Venafi benefits that have helped the organization prevent and remediate certificate-related outages:
    • Continuous detection and monitoring of certificates
    • Centralized repository and management of certificates
    • Policy enforcement (including certificate expiration periods, CA usage, group ownership, etc.)
    • Notifications and escalations of impending certificate expirations

Venafi Case Study

Leading Airline Uses Venafi for Both SSH Key Management and PKI Refresh

Introduction

This case study of a large enterprise transportation services company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Venafi is the only tool/app in the key management space.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Venafi:

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Identity and access management (including privileged access management / SSH)
    • PKI refresh

Use Case

The key features and functionalities of Venafi that the surveyed company uses:

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustAuthority SSH
    • TrustForce SSL
    • TrustForce SSH
    • TrustNet
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority

Results

The surveyed company achieved the following results with Venafi:

  • Improved their internal IT services SLA from weeks to days with Venafi.
  • Found 1500 additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 51-75% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • SSH misuse
    • Certificate reputation

Venafi Case Study

Equifax

Introduction

This case study of Equifax is based on an April 2017 survey of Venafi customers by TechValidate, a 3rd-party research service.

“I love the integration with load balancers like F5 and Netscalers. And most of the admins are now centralized in one place, with less exposure and fewer risks related to outages.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select Venafi:

  • Overcame the following challenges after using Venafi automation:
    • Automating the entire certificate lifecycle to improve security
    • Reducing risk by eliminating manual processes for vulnerability remediation
    • Distributing keys and certificates to security technologies for visibility / inspection
  • Experienced the following operational challenges before using Venafi:
    • High costs of certificate lifecycle management
    • Ineffective use of IT personnel
    • Slower delivery because of a lack of API integration with DevOps or cloud services
    • Missed or lengthy Internal SLAs for certificate-dependent IT services
    • Impacts on reliability and/or availability because they had no visibility into certificate expiry periods
  • Faced the following security challenges before using Venafi:
    • Increasing risk because keys and certificates rotated at annual or longer intervals
    • Being limited to reactive, instead of proactive, security because they didn’t have a policy enforcement

Use Case

The key features and functionalities of Venafi that the surveyed company uses:

  • Uses Venafi key and certificate automation for:
    • Automated certificate management
    • Scalability of certificate distribution for deployment of encryption-dependent technologies
    • Incident response

Results

The surveyed company achieved the following results with Venafi:

  • Agrees that Venafi helped them make better use of dynamic IT services by using APIs to automate support for DevOps platforms
  • Went from 50 people managing their PKI before using Venafi to 10 people after using Venafi automation.
  • Venafi automation helped improve security with:
    • Policy enforcement
    • Workflow for accountability
    • Automatic certificate revocation when services are no longer in use

Venafi Case Study

Large Enterprise Computer Services Company

Challenges

  • Business challenges that led to purchasing Venafi:
    • Avoid certificate-related outages
    • Automate certificate management to lower costs and resource usage
    • Secure privileged access (IAM, including SSH)
    • Achieve compliance / audit remediation

“The Venafi team is extremely responsive to our needs and issue. We have annual meetings to discuss both company’s roadmaps and try to align them. And the time savings and ease of reporting allows resources to be dedicated to other projects.”

Budget Justification

  • PKI Administration took the lead in purchasing Venafi.

Results

  • Has > 75 lines of business or departments directly interacting with the Venafi platform.
  • Top benefits experienced or will experience with Venafi:
    • Prevented and remediated outages
    • Increased compliance
    • Improved labor / cost savings
  • Will save 3 FTEs annually by using Venafi.
  • Saved $150,000 annually by using Venafi.

Next Steps

  • Plans to expand their use of Venafi in the following ways:
    • Expand their use of Venafi to other use cases (e.g., code-signing, SSH, Mobility, DevOps support, etc.)
    • Expand their use of Venafi to cover more keys and/or certificates

Venafi Case Study

Small Business Retail Company

Challenges

  • Business challenges that led to purchasing Venafi:
    • Avoid certificate-related outages
    • Automate certificate management to lower costs and resource usage

“Venafi reduced my time in manually issuing certificates, by using enrollment by the end user/app admins. We hope to gain more time reduction. The software seems to be well thought out. It definitely increases our ability to fully manage certificate lifecycle.”

Budget Justification

  • Justified budget for Venafi because of their need to manage transition from external to internal PKI at end of private certificate issuance by third parties.
  • Information Security took the lead in purchasing Venafi.

Results

The surveyed company achieved the following results with Venafi:

  • Has 11 to 20 lines of business or departments directly interacting with the Venafi platform.
  • Top benefits experienced or will experience with Venafi:
    • Prevented and remediated outages
    • Improved labor / cost savings
    • Improved effectiveness of existing security

Next Steps

  • Plans to expand their use of Venafi in the following ways:
    • Expand their use of Venafi to other use cases (e.g., code-signing, SSH, Mobility, DevOps support, etc.)
    • Expand their use of Venafi to cover more keys and/or certificates

Venafi Case Study

Michaels Stores

Challenges

  • Business challenges that led to purchasing Venafi:
    • Avoid certificate-related outages
    • Update internal PKI to reduce errors and vulnerabilities (e.g., SHA-1 to SHA-2 migration)
    • Automate certificate management to lower costs and resource usage
    • Scale encryption-dependent systems and applications
    • Secure privileged access (IAM, including SSH)

“Very reputable company with a unique product offering that solves significant operational and security use cases. [We’re faced with] the emerging realization that certificate and key management is the next battleground for privileged access.”

Budget Justification

  • Justified budget for Venafi because of their need to avoid certificate-related outages.
  • Information Security took the lead in purchasing Venafi.

Results

  • Has 6 to 10 lines of business or departments directly interacting with the Venafi platform.
  • Top benefits experienced or will experience with Venafi:
    • Prevented attacks
    • Prevented and remediated outages
    • Improved effectiveness of existing security

Next Steps

  • Plans to expand their use of Venafi in the following ways:
    • Expand their use of Venafi to other use cases (e.g., code-signing, SSH, Mobility, DevOps support, etc.)
    • Expand their use of Venafi to cover more keys and/or certificates

Venafi Case Study

Medium Enterprise Financial Services Company

Challenges

  • Business challenges that led to purchasing Venafi:
    • Avoid certificate-related outages
    • Automate certificate management to lower costs and resource usage

“Venafi has streamlined and optimized our certificate management process.”

Budget Justification

  • Justified budget for Venafi because of their need to avoid certificate-related outages.
  • Information Security department took the lead in purchasing Venafi.

Results

The surveyed company achieved the following results with Venafi:

  • Have 51 to 75 lines of business or departments directly interacting with the Venafi platform.
  • Top benefits experienced or will experience with Venafi:
    • Prevented and remediated outages
    • Improved effectiveness of existing security
  • Saved $20,000 annually by using Venafi.

Next Steps

  • Plans to expand their use of Venafi in the following ways:
    • Expand their use of Venafi to other departments
    • Expand their use of Venafi to other use cases (e.g., code-signing, SSH, Mobility, DevOps support, etc.)
    • Expand their use of Venafi to cover more keys and/or certificates

Case Study: Fortune 500 Health Care Company

Introduction

This case study of a Fortune 500 health care company is based on a December 2015 survey of Venafi Professional Services customers by TechValidate, a 3rd-party research service.

“Venafi helped us with getting our initial SSL scans and discovering our SSL certificate inventory. It provided us a foundation to finally establish a real CLM solution and move away from our previous methods of tracking certificates.”

Challenges

  • Purchase Venafi Professional Services for the following reasons:
    • To reduce deployment time
    • To minimize deployment risk
    • Its design for optimal solution effectiveness / utilization (e.g., fuller discovery, more policy implementation, etc.)

Use Case

  • Included Professional Services with their initial Venafi product purchase to assist with product implementation.
  • Uses the following Venafi product:
    • TrustAuthority for SSL/TLS
  • Integrates Venafi with the following systems:
    • Public CAs
    • Private CAs
    • Internal databases
  • Has had the following Venafi training:
    • Venafi Security Professional (VSP) half-day, instructor-led WebEx
  • Has engaged with Venafi support in the following ways:
    • An Assigned Primary Venafi Support Engineer
    • Used phone, email, or online support services for Venafi support
    • Received remote diagnostics from the Venafi support team
    • Accessed content on the Venafi Support Knowledge Base

Results

  • Received the following benefits from using Venafi Professional Services:
    • Reduced deployment time
    • Minimized deployment risk
    • Achieved more solution effectiveness / utilization (e.g., fuller discovery, more policy implementation, etc.)
  • Accelerated their Venafi implementation by 51-75% after using Venafi Professional Services.
  • Improved their leverage capabilities of Venafi by 51-75% after using Venafi Professional Services.

Case Study: S&P 500 Banking Company

Introduction

This case study of an S&P 500 banking company is based on a December 2015 survey of Venafi Professional Services customers by TechValidate, a 3rd-party research service.

“Venafi gave us robust solutions and validated the deployment.”

Challenges

  • Purchased Venafi Professional Services for the following reasons:
    • To minimize deployment risk
    • Its design for optimal solution effectiveness / utilization (e.g., fuller discovery, more policy implementation, etc.)

Use Case

  • Included Professional Services with their initial Venafi product purchase to assist with product implementation.
  • Uses the following Venafi product(s):
    • TrustAuthority for SSL/TLS
    • TrustAuthority for SSH
    • TrustForce for SSL/TLS
    • TrustForce for SSH
    • TrustNet
  • Integrates Venafi with the following systems:
    • Public CAs
    • Load balancers
    • Web servers
    • Application servers
    • SIEMs
  • Has had the following Venafi training:
    • Venafi Security Administrator (VSA) two-day, instructor-led, in-person training
  • Has engaged with Venafi support in the following ways:
    • Used phone, email, or online support services for Venafi support
    • Received remote diagnostics from the Venafi support team
    • Accessed content on the Venafi Support Knowledge Base

Results

  • Received the following benefits from using Venafi Professional Services:
    • Minimized deployment risk
    • Achieved more solution effectiveness / utilization (e.g., fuller discovery, more policy implementation, etc.)
  • Accelerated their Venafi implementation by 51-75% after using Venafi Professional Services.
  • Improved their leverage capabilities of Venafi by 51-75% after using Venafi Professional Services.

Case Study: Fortune 500 Insurance Company

Introduction

This case study of a Fortune 500 insurance company is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Application Servers
    • Hardware Security Modules (HSMs)

Results

  • Improved their internal IT services SLA from weeks to days with Venafi.
  • Key and certificate visibility improved by 26-50% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Medium Enterprise Financial Services Company

Introduction

This case study of a medium enterprise financial services company is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Challenges

  • Managed their keys and certificates using CA Service Desk and MS SCOM before Venafi.
  • Problems solved using Venafi:
    • DevOps and Cloud Automation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Application Servers
    • Configuration Management Databases (CMDBs)
    • Network Security Appliances

Results

  • Found additional keys and certificates using Venafi that were previously unknown.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • Wildcard replacement

Case Study: Global 500 Insurance Company

Introduction

This case study of a Global 500 insurance company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Web Servers
    • Security Information and Event Management (SIEM) Solutions
    • Mobile Device Management (MDM) Solutions

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Large Enterprise Health Care Company

Introduction

This case study of a large enterprise health care company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Would you recommend Venafi Trust Protection Platform?

“Venafi is essentially one-stop shopping. All of our SSL needs are managed by one application. There is no need to go to our local PKI servers or out to our managed PKI account with our external vendor.”

Challenges

  • Managed their keys and certificates using internal scripts / home-grown solution before Venafi.
  • Problems solved using Venafi:
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi product currently being used:
    • TrustAuthority SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority

Results

  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Certificate reputation

Case Study: Fortune 500 Insurance Company

Introduction

This case study of a Fortune 500 insurance company is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi’s ED solution is fantastic. It provides great value if the user’s use-cases fit Venafi’s product.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Outage Prevention and Remediation

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases

Results

  • Key and certificate visibility improved by after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification

Case Study: Educational Institution

Introduction

This case study of an educational institution is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi lets us find security issues with certificates being out of date or old encryption/algorithms. It lets us quickly renew certificates and push them out.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problem solved using Venafi:
    • Outage Prevention and Remediation

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications
    • Security Information and Event Management (SIEM) Solutions
    • Network Security Appliances

Results

  • Improved their internal IT services SLA from weeks to days with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification

Case Study: Large Enterprise Aerospace & Defense Company

Introduction

This case study of a large enterprise aerospace & defense company is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Challenges

  • Managed their keys and certificates using internal scripts / home-grown solution before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications
    • Hardware Security Modules (HSMs)

Results

  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Global 500 Banking Company

Introduction

This case study of a Global 500 banking company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Would you recommend Venafi Trust Protection Platform?

“Yes. Venafi’s policy management feature is powerful, though it introduces a lot of complexity as well. The notification capabilities and the ability to provision drivers are also standouts.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases
    • Load Balancers
    • Web Servers
    • Hardware Security Modules (HSMs)

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: S&P 500 Banking Company

Introduction

This case study of an S&P 500 banking company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Would you recommend Venafi Trust Protection Platform?

“Yes, Venafi is a must have for the proactive management of certificates!”

Challenges

  • Managed their keys and certificates using external certificate authority before Venafi.
  • Problems solved using Venafi:
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustAuthority SSH
    • TrustAuthority Mobile
    • TrustForce SSL
    • TrustForce SSH
    • TrustForce Mobile
    • TrustNet
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications
    • Security Information and Event Management (SIEM) Solutions
    • Network Security Appliances

Results

  • Improved their internal IT services SLA from weeks to days with Venafi.
  • Key and certificate visibility improved by 51-75% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • Certificate reputation

Case Study: Global 500 Hospitality Company

Introduction

This case study of a Global 500 hospitality company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Zero to little critical tickets generated due to key / certificate management through Venafi.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustNet
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Web Servers
    • Application Servers

Results

  • Improved their internal IT services SLA from weeks to hours with Venafi.
  • Key and certificate visibility improved by 26-50% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • Certificate reputation

Case Study: Global 500 Financial Services Company

Introduction

This case study of a Global 500 financial services company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Monitoring has been made easier and internal certificate alerts are more effective with Venafi.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Identity and Access Management (including Privileged Access Management/SSH)

Use Case

  • Venafi product currently being used:
    • TrustAuthority SSL
  • System integrated with Venafi:
    • Private Certificate Authority

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Key and certificate visibility improved by 51-75% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Non Profit

Introduction

This case study of a non-profit is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi has simplified the process of managing and renewing SSL certificates. Also, we have been able to get more users involved in managing their own certificates and taking responsibility for them. The system is simple enough that it does not take very much training to allow them to jump in and start taking care of their certificates.”

“We looked into using DigiCert, but felt that Venafi would support all of our internally signed certificates better.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problem solved using Venafi:
    • PKI Refresh

Use Case

  • Venafi product currently being used:
    • TrustAuthority SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Network Security Appliances

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Large Enterprise Aerospace & Defense Company

Introduction

This case study of a large enterprise aerospace & defense company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“Venafi has no competitors.”

Challenges

  • Managed their keys and certificates using internal scripts / home-grown solution before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Enterprise Mobility and Network Access Control
    • Identity and Access Management (including Privileged Access Management/SSH)
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Hardware Security Modules (HSMs)

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Small Business Retail Company

Introduction

This case study of a small business retail company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

How our organization uses Venafi Trust Protection Platform:

“Easier end user access to certificate management. A single place to manage all certificates, private, public, and eventually even self-signed and SSH keys.”

“Briefly reviewed Symantec’s certificate tool. It was not as comprehensive.”

Would you recommend Venafi Trust Protection Platform?

“Yes, it is one of the few platforms for this service available. It is solid and support is excellent.”

Challenges

  • Managed their keys and certificates using external certificate authority before Venafi.
  • Problem solved using Venafi:
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Information and Event Management (SIEM) Solutions

Results

  • Improved their internal IT services SLA with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: EY

Introduction

This case study of EY is based on an August 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“[Venafi Trust Protection Platform] allowed management of PKI.”

Challenges

  • Managed their keys and certificates using other before Venafi.
  • Problem solved using Venafi:
    • PKI Refresh

Use Case

  • Venafi product currently being used:
    • TrustAuthority SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Web Servers
    • Application Servers

Results

  • Improved their internal IT services SLA from weeks to hours with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • Certificate reputation

Case Study: Global 500 Banking Company

Introduction

This case study of a Global 500 banking company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Would you recommend Venafi Trust Protection Platform?

“Yes, because systems engineers are not necessarily information security engineers and having a tool to help with key management that allows secure key generation. Venafi’s archive is valuable and can make securing systems less cumbersome and more efficient.”

What other products / solutions did you consider and why was Venafi a better fit?

“Our in-house developed systems. Venafi has better reporting and more robust discovery capabilities.”

Challenges

  • Managed their keys and certificates using internal scripts / home-grown solution before Venafi.
  • Problems solved using Venafi:
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications
    • Hardware Security Modules (HSMs)

Results

  • Improved their internal IT services SLA with Venafi.
  • Found additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies

Case Study: Global 500 Banking Company

Introduction

This case study of a Global 500 banking company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

“We compared Venafi to our home-grown solution. Venafi provided better visibility and control of the certificate lifecycle.”

Challenges

  • Managed their keys and certificates using internal scripts / home-grown solution before Venafi.
  • Problems solved using Venafi:
    • Data Security / SSL Inspection / Threat Detection
    • Identity and Access Management (including Privileged Access Management/SSH)
    • Industry Compliance / Audit Remediation
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustForce SSL
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Databases
    • Load Balancers
    • Web Servers
    • Application Servers
    • Security Applications
    • Hardware Security Modules (HSMs)
    • Security Information and Event Management (SIEM) Solutions
    • Configuration Management Databases (CMDBs)
    • Network Security Appliances

Results

  • Found 100,000 additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 51-75% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SSL inspection for threats
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • Certificate reputation

Case Study: Fortune 500 Health Care Company

Introduction

This case study of a Fortune 500 health care company is based on a September 2015 survey of Venafi customers by TechValidate, a 3rd-party research service.

Would you recommend Venafi Trust Protection Platform?

“Yes, in my opinion, Venafi is fully engaged in the needs of today’s enterprises and has the tools and vision to look ahead into technology and industry trends to tune and improve their product. No one is doing that effectively, if at all, besides Venafi.”

Challenges

  • Managed their keys and certificates using manual tracking and management (e.g., spreadsheet) before Venafi.
  • Problems solved using Venafi:
    • Identity and Access Management (including Privileged Access Management/SSH)
    • Outage Prevention and Remediation
    • PKI Refresh

Use Case

  • Venafi products currently being used:
    • TrustAuthority SSL
    • TrustAuthority Mobile
  • Systems integrated with Venafi:
    • Public Certificate Authority
    • Private Certificate Authority
    • Load Balancers
    • Mobile Device Management (MDM) Solutions

Results

  • Improved their internal IT services SLA from days to hours with Venafi.
  • Found 10000 additional keys and certificates using Venafi that were previously unknown.
  • Key and certificate visibility improved by 76-100% after finding additional keys and certificates using Venafi.
  • Vulnerabilities to be addressed with Venafi:
    • Heartbleed
    • SHA-1 to SHA-2 migration
    • The use of secure key length
    • Key and certificate ownership identification
    • Key and certificate lifecycle policies
    • SSH misuse
    • Certificate reputation



More Research on Venafi