Venafi’s Common Criteria certified platform provides cybersecurity market leading machine identity protection, securing all connections and communications between machines. Venafi protects machine identities by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise - on premise, mobile, virtual, cloud and IoT - at machine speed and scale. With over 30 patents, Venafi delivers innovative solutions for the most demanding, security-conscious organizations.


Venafi TrustAuthority™

Continuously Monitors All Keys and Certificates

Get the visibility and control you need to safeguard keys and certificates that should be trusted, and fix or block those that should not.

TrustAuthority discovers the configuration, location, and use of every key and certificate, so you can continuously monitor their status to identify vulnerabilities, enforce policies, and detect anomalies. With this improved enterprise-wide visibility of your keys and certificates, you can ensure that your encryption environment is fully secure and reduce the risk of certificate-related compromises and unplanned outages.

Venafi TrustForce™

Automates the Remediation of Vulnerable Keys and Certificates

Automatically replace vulnerable keys and certificates to avoid the impact of outages or vulnerabilities. TrustForce detects and reports anomalies, enforces security policies, and automatically remediates key and certificate vulnerabilities.

TrustForce uses lightweight agent and agentless technologies to automate complex activities related to your ever-changing key and certificate environment, including automatic rekeying and recertification across the enterprise. This enables you to quickly distribute new keys or fix keys or certificates that don’t meet established security policies. Also, in the event of a CA breach, you can automatically remediate thousands of keys and certificates without worrying about error-prone manual processes that are not only slow but often introduce vulnerabilities.

Venafi TrustNet™

Establish the Trustworthiness of Certificates

After establishing certificate reputation, TrustNet can increase protection by whitelisting trusted CAs and certificates, and blacklisting untrusted ones.

TrustNet integrates with other Venafi Platform components to provide alerts on forged, rogue, and maliciously used certificates found across the internet. When TrustNet detects a rogue certificate, it can immediately blacklist the certificate or the rogue CA that issued it. This allows you to take immediate action to block access to websites that are using blacklisted certificates. You can then use TrustForce to automate the replacement of these rogue certificates quickly and easily. Automation is especially useful to handle the scale of an event such as a CA compromise or new vulnerability such as Heartbleed.


GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021

SEWP Contracts


Contract Number: Group A Small: NNG15SC03B Group D Other Than Small: NNG15SC27B Term: May 1, 2015 - May 1, 2025

State & Local Contracts

City of Seattle Contract

Contract #0000003265 Term: December 19, 2021


Contract # CMAS 3-12-70-2247E Term: through March 31, 2022

Fairfax County IT Hardware, Software, & Services

Virginia- Fairfax County CONTRACT EXPIRATION: December 04, 2021 (with 5 option years)

National Intergovernmental Purchasing Alliance (National IPA - TCPN)

Term: through November 30, 2021

Orange County National IPA Co-Op

Through May 31, 2021


Contract Number: UVA1482501 Term: May 2, 2014– December 19, 2021




After completing the massive transition to a public trust public key infrastructure (PKI), the web security teams at Department of Defense (DoD) agencies will be intimately familiar with the amount of time it actually takes to provision large numbers of certificates. Indeed, security strategies oft...

Case Study

No other solutions fit our requirements, so Venafi was the top choice.


A single source for protecting against attacks using keys and certificates.

Better understand the scope of your current key and certificate status.

Prevent certificate misuse with global reputation intelligence.

Prevent certificate misuse with global reputation intelligence.

Automate the installation and remediation of keys and certificates.

Create and manage an inventory of your enterprise keys and certificates.


This book helps you understand where machine identities are used in your network and what you need to do to keep these identities up-to-date and protected.


We’ve compiled a security checklist to help you select the most effective key and certificates orchestration solution for your organization.