Venafi’s Common Criteria certified platform provides cybersecurity market leading machine identity protection, securing all connections and communications between machines. Venafi protects machine identities by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise - on premise, mobile, virtual, cloud and IoT - at machine speed and scale. With over 30 patents, Venafi delivers innovative solutions for the most demanding, security-conscious organizations.


Venafi TrustAuthority™

Continuously Monitors All Keys and Certificates

Get the visibility and control you need to safeguard keys and certificates that should be trusted, and fix or block those that should not.

TrustAuthority discovers the configuration, location, and use of every key and certificate, so you can continuously monitor their status to identify vulnerabilities, enforce policies, and detect anomalies. With this improved enterprise-wide visibility of your keys and certificates, you can ensure that your encryption environment is fully secure and reduce the risk of certificate-related compromises and unplanned outages.

Venafi TrustForce™

Automates the Remediation of Vulnerable Keys and Certificates

Automatically replace vulnerable keys and certificates to avoid the impact of outages or vulnerabilities. TrustForce detects and reports anomalies, enforces security policies, and automatically remediates key and certificate vulnerabilities.

TrustForce uses lightweight agent and agentless technologies to automate complex activities related to your ever-changing key and certificate environment, including automatic rekeying and recertification across the enterprise. This enables you to quickly distribute new keys or fix keys or certificates that don’t meet established security policies. Also, in the event of a CA breach, you can automatically remediate thousands of keys and certificates without worrying about error-prone manual processes that are not only slow but often introduce vulnerabilities.

Venafi TrustNet™

Establish the Trustworthiness of Certificates

After establishing certificate reputation, TrustNet can increase protection by whitelisting trusted CAs and certificates, and blacklisting untrusted ones.

TrustNet integrates with other Venafi Platform components to provide alerts on forged, rogue, and maliciously used certificates found across the internet. When TrustNet detects a rogue certificate, it can immediately blacklist the certificate or the rogue CA that issued it. This allows you to take immediate action to block access to websites that are using blacklisted certificates. You can then use TrustForce to automate the replacement of these rogue certificates quickly and easily. Automation is especially useful to handle the scale of an event such as a CA compromise or new vulnerability such as Heartbleed.


GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021

SEWP Contracts


Contract Number: Group A Small: NNG15SC03B Group D Other Than Small: NNG15SC27B Term: May 1, 2015 - May 1, 2025

State & Local Contracts

City of Seattle Contract

Contract #0000003265 Term: December 19, 2021


Contract # CMAS 3-12-70-2247E Term: through March 31, 2022

Fairfax County IT Hardware, Software, & Services

Virginia- Fairfax County CONTRACT EXPIRATION: October 4, 2020 (with 5 option years)

National Intergovernmental Purchasing Alliance (National IPA - TCPN)

Term: through November 30, 2021

Orange County National IPA Co-Op

Through May 31, 2020 (with 2 option years)


Contract Number: UVA1482501 Term: May 2, 2014– December 19, 2021




New report says code-signing certificates stolen by Chinese hackers are used in attacks by other groups, including Chinese intelligence agencies.

See how wildcard certificates allow criminals to look trusted.


Most businesses, regardless of industry, have become digital businesses. They are developing their own software for a myriad of uses—from a bank that delivers a mobile app so that its customers can perform tasks once relegated to bank tellers to a manufacturer that builds software that runs ...

How traditional security can become a roadblock for DevOps.

Why cyber defenses should be modeled on the human immune system.

Why SSL/TLS certificates and encryption keys are the foundation of security.

Discover why agentless discovery can’t find all keys and certificates.

Get a SANS analyst's perspective on securing SSH keys.

Streamline security operations while securing confidential data.

Enterprises today struggle to adequately track and protect all existing machine identities and they need automation capabilities to deploy those protections more effectively.In March 2018, Venafi commissioned Forrester Consulting to examine the importance of protecting machine identities in enterpri...