Innovation never stops and neither do we. Spring is here and the Keyfactor team is excited to announce the launch of our latest release – Keyfactor 6.
This update builds upon our industry-leading solutions – Keyfactor Command and Keyfactor Control – with new features that empower enterprises to take control of their growing certificate count and protect an ever-expanding landscape of digital identities.
As digital transformation drives the need for more connected users, devices, and applications across the enterprise, IT and security teams are hard-pressed to manage an increasing number of keys and certificates. Scripts and spreadsheets have worked in the past, but simply can’t keep up with the speed and scale of business today.
So – how can you stay ahead of the innovation curve without falling behind in digital security?
Let’s dive into the latest features in Keyfactor 6 to see how we make it possible.
Discover More – Faster.
Neglected or expired SSL certificates can cost a business millions, yet this is still one of the biggest challenges for IT and security teams today. Why? Believe it or not, there are many enterprises that have networks with IP ranges larger than the entire public internet. In fact, it’s not surprising to see the number of keys and certificates in any given organization reach hundreds of thousands – in some cases millions. Manual efforts to find and monitor certificates at this scale are simply self-defeating.
At the heart of Keyfactor 6 is a wickedly improved SSL/TLS discovery and monitoring engine built into Keyfactor Command, a cloud-based certificate lifecycle management platform. This includes a new dynamic scanning feature that enables organizations to scan even the most complex and expansive networks to bring all certificates under management. Not only does this empower IT and security teams to stay ahead of expired or rogue certificates that cause disruption to your business – it also frees up IT resources from hours of day-to-day manual tasks.
Keep Your Private Keys
All SSL certificates require a private key to work. Private keys enable you to securely decrypt communications and provide access to critical information. In the wrong hands, attackers can impersonate a trusted user or device and compromise your network, so it’s critical to prevent proliferation of these keys outside of your public key infrastructure (PKI).
By default, the Keyfactor Command platform does not store private keys, to prevent unnecessary risk. But today, Keyfactor 6 introduces an optional ability to securely store private keys associated with your certificates, and make those keys and certificates available to authorized users and machines. These keys are stored in a secure database, encrypted with a key stored in a Hardware Security Module (HSM), with full audit capabilities to monitor access.
Secure Firmware for the IoT
Every IoT device should have security rooted in design. Period.
To protect businesses, brands, and users from malware infected code, developers have adopted code signing to ensure the security and authenticity of their software. In the IoT, the same principle applies. Signing firmware (and updates) defends devices from the risks of code tampering and device takeover. But the challenge is that most IoT devices in the market today do not have a native capability to check the signature of firmware before downloading it, leaving users at serious risk.
Keyfactor Control, our end-to-end security identity platform for connected devices, now includes enhanced capabilities that provide design teams with the ability to validate firmware, even on ‘headless’ devices unable to perform the task natively. Keyfactor 6 adds a new level of maturity to the Keyfactor Control platform, enabling IoT manufacturers to embed high-assurance secure identity from design past deployment at the speed of their production line.
Did you know that 71% of organizations admit to not knowing exactly how many keys and certificate they have? Learn more about how Keyfactor can help you get the most out of your PKI. Try our calculator to see how many certificates could be hiding in your network.