The Challenge of Machine Identity Management

Sam Ross-Gower
June 28, 2021

Many of our customers use Cryptosense Analyser Platform (CAP) to try to discover where they're using cryptography, and machine identities are an important part of that. Certificate discovery is essential to minimise the risk of a certificate outage. Previously finding shadow certificates was a laborious process, but the job just got easier thanks to a new integration with Venafi.

In a recent interview with Venafi's Bridget Hildebrand, Graham explained why this integration was so interesting for many of our customers:

All our customers are looking for cryptographic objects and operations, where they’re coming from and deciding who should have access to them.
Without the integration with Venafi, our customers would deploy Cryptosense, find a whole bunch of stuff out there, interesting stuff! Amongst that would be a whole bunch of machine identities, and they would want to know: how many am I already managing, renewing, keeping track of? And how many of these are maybe being introduced by some anomaly in the process, or maybe something's not going quite right here that I might want to fix? Or maybe I want to get these into Venafi’s inventory as well, so the PKI administrators have that full visibility they require.
Previously, that has been a kind of manual process to resolve. They would have to download a CSV and figure it out in Excel. And this is really laborious. We want to make our reports completely actionable for our users, plus provide automation. When certain processes happen, they automatically check in with Venafi and say, "Hey, we're just about to deploy this container here. It's got these machine identities. Let's just check that Venafi knows about them and has the ability to automate their renewal and provisioning. If they aren’t already in Venafi’s inventory, we can register them, and we can add the information Venafi needs about how and where the certificate is stored, and what it's used for.”

For more on how the integration between Cryptosense Analyzer and the Venafi Trust Protection Platform works, read the full interview here. You can also read our CAP x Venafi integration datasheet for more information, or request a demo.