Venafi

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Venafi, Inc
Private company
Industry Computer security, Internet security
Founded October 26, 2000
Headquarters Salt Lake City, UT, United States
Key people
President and CEO: Jeff Hudson
Website www.venafi.com

Venafi, Inc. is a privately held cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. Its enterprise key and certificate management and security products are certificate authority (CA) independent and manage security instruments such as digital certificates and Secure Shell (SSH) and asymmetric encryption keys. Venafi does not sell encryption and it is not a CA.

Venafi reports a customer base of public- and private-sector entities, mostly Global 5000 organizations that operate in a variety of industries. Venafi is headquartered in Salt Lake City, Utah, and has offices in California, the United Kingdom, Finland, and Australia.[1]

History[edit]

Russell Thornton and Ben Hodson, both University of Washington graduates,[2] cofounded Venafi’s predecessor company in 1998 after recognizing that a recent consulting project had broader commercial application. The cofounders incorporated the company as IMCentric in Washington State on October 26, 2000.[3]

Seeking an infusion of angel capital, Hodson and Thornton moved the company to Utah where they were joined by Jayson Seegmiller. Hodson led engineering while Thornton and Seegmiller focused on business and operations. An application was filed to conduct business as IMCentric, Inc. in Orem, Utah on March 18, 2003. Thornton filed to change IMCentric’s state of incorporation (home state) from Washington to Delaware on April 1, 2004.

Early 2005 saw the company’s leadership and name change: its name from IMCentric to Venafi[4] and its leadership from Thornton (president and chief executive officer) and Seegmiller (vice president, secretary, and treasurer) to Trell Rohovit (president and chief executive officer), William Clay Epstein (vice president), and Darren Denning (secretary). The company also moved its headquarters to Sandy, Utah in 2005. Jeff Hudson (current chief executive officer) replaced Rohovit in October, 2010, and the company moved to Salt Lake City, UT in 2013.[5]

Company name[edit]

Venafi (Ven-uh-FIY) is a made-up word created by combining two Latin roots—Vena (vein or root) and Fides (trust or faith). Venafi secures the root of trust—the encryption keys and certificates.[6]

Investors[edit]

Venafi’s current investors include Foundation Capital, Intel Capital, Mercato, Origin Partners, Pelion Venture Partners, and QuestMark Partners.[7]

Products[edit]

As its product line expanded, Venafi invented the market segment, Enterprise Key and Certificate Management (EKCM), and delivered the first solution to automate the provisioning, discovery, monitoring, and management of digital certificates and encryption keys. The products were built specifically for encryption management interoperability across heterogeneous environments.

As keys and certificates became increasingly used in Advanced Persistent Threats and other cyberattacks, Venafi repositioned its product line to address both security and management of keys and certificates. The current offering consists of an underlying platform that supports three products:

  • Venafi Trust Protection Platform—the underlying platform that provides shared and extensible services across the Venafi products
  • Venafi TrustAuthority—finds all keys and certificates and establishes a baseline of usage for SSL/TLS, SSH, mobile, WiFi, or VPN keys and certificates
  • Venafi TrustForce—automates and scales key and certificate security and management for SSL/TLS and SSH keys and certificates
  • Venafi TrustNet—provides certificate reputation services for any certificate on the internet

Industry affiliations[edit]

Venafi is a participating organization with the Payment Card Industry Security Standards Council (PCI SSC),[8] which issues the Payment Card Industry Data Security Standard (PCI DSS). Venafi submitted Cryptographic Keys and Digital Certificate Security Guidelines as a Special Interest Group (SIG) topic for consideration as both a 2015 and 2016 PCI SSC SIG. The topic was selected as a finalist for both a 2015 SIG[9][10] (1 of 7 finalists, not selected) and a 2016 SIG[11][12] (1 of 5 finalists, final vote pending).

In July, 2012, Paul Turner, then Venafi’s vice president of product and strategy, co-authored a National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) bulletin (“ITL Bulletin for July 2012: Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance”) that provides best practices-based information.[13]

Recognition, honors, and awards[edit]

  • In April 2014, SC Magazine Awards 2014 Europe named Venafi a finalist in its Best Encryption Solution and Best Risk/Policy Management Solution categories.[14][15]
  • In 2013, global media company, Red Herring, included Venafi software on its 2013 Top 100 North America: Winners, listing Venafi in the top North American private companies.[16]
  • In February 2013, SC Magazine Awards Europe 2013 named Venafi Director a finalist in its Best Encryption Solution and Best Security Management categories.[17]
  • In 2013, Info Security awarded Venafi Encryption Director Certificate Manager a Bronze Winner in the Risk Management category.[18]
  • In May 2012, Venafi Director won a Software and Information Industry Association (SIIA) CODiE award for the Best Security Solution category (Business Software).[19][20]
  • In February 2012, Venafi was nominated by eWeek Labs as one of thirteen “Hottest Security Vendors” at the RSA Conference in San Francisco.[21]
  • In February 2012, Venafi Encryption Director 6: Certificate Manager won Info Security’s Global Excellence award in the Risk Management category.[22]
  • In 2011, Venafi Encryption Director won a spot in the Info Security's 2011 Global Excellence Award's finalist list in the Policy Management category.[23]
  • In 2011, SC Magazine awarded Venafi Encryption Director a place on its SC Magazine Awards 2011 Europe finalist list.[24]
  • In November 2011, Gartner, an information technology research and advisory company, acknowledged in its research note “X.509 Certificate Management: Avoiding Downtime and Brand Damage” that “Venafi is the leader in X.509 certificate management for internal and external systems and applications. Unlike certificate authority certificate management solutions, Venafi supports virtually all certificate issuers natively and can renew certificates from nearly any type of certificate issuer, providing flexibility for complex heterogeneous environments composed of certificates issued by various certificate authorities.”[25]
  • In 2010, SC Magazine awarded Venafi its 2010 Industry Innovator distinction.[26]
  • In April 2010, Gartner named Venafi a “Cool Vendor in Data and Infrastructure Protection.”[27]
  • In 2009, Venafi Director won Info Security’s 2009 Global Excellence award in the Best New Software Product category.[28]
  • In October 2007, Venafi was listed as one of the 10 IT security companies to watch by InfoWorld.[29]
  • In October 2004, IMCentric, Venafi’s predecessor, was recognized as one of Utah’s top 20 High-Tech companies by Utah Business Magazine.[30]

References[edit]

  1. ^ "Contact Venafi". Venafi.com. Retrieved 2015-09-30. 
  2. ^ "Introduction to Software Entrepreneurship". Washington.edu. Retrieved 2015-10-02. 
  3. ^ "Corporations Registration Detail". sos.wa.gov. Retrieved 2015-10-02. 
  4. ^ "sec.gov Archives". sec.gov. Retrieved 2015-10-02. 
  5. ^ "Venafi moves software operations to downtown Salt Lake". Salt Lake Tribune. 2013-03-05. Retrieved 2015-10-02. 
  6. ^ Messmer, Ellen, and Garretson, Cara (2007-10-15). "10 IT Security Companies to Watch". InfoWorld.com. Retrieved 2015-09-30. 
  7. ^ "Venafi Investors". Venafi.com. Retrieved 2015-09-30. 
  8. ^ "Participating Organizations". PCI Security Standards Council. Retrieved 2015-10-02. 
  9. ^ "In Run Up to Annual Community Meetings, PCI Council Announces 2015 Special Interest Group Project Proposals" (PDF). PCI Security Standards Council. 2014-08-25. Retrieved 2015-10-02. 
  10. ^ "PCI Prioritizes Securing the Trust Established by Keys and Certificates in 2015 Special Interest Group Finalist Selection". Venafi Blog. 2014-08-25. Retrieved 2015-10-02. 
  11. ^ Payment Card Industry Security Standards Council (2015-09-02). "The PCI Monitor: Weekly news, updates and insights from PCI SSC". The PCI Monitor (Mailing list). 
  12. ^ "For the 2nd Year Running, PCI SSC Announces Securing Keys and Certificates a PCI SIG Finalist". Venafi Blog. 2015-09-02. Retrieved 2015-10-02. 
  13. ^ "ITL Bulletin for July 2012: Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance" (PDF). NIST. Retrieved 2015-09-30. 
  14. ^ SC Staff (2014-04-29). "2014 SC Awards Europe Winners". SC Magazine. Retrieved 2015-10-01. 
  15. ^ SC Staff (2014-04-29). "2014 SC Awards Europe Winners". SC Magazine. Retrieved 2015-10-01. 
  16. ^ "2013 Top 100 North America: Winners". Red Herring. Retrieved 2015-10-01. 
  17. ^ SC Staff (2013-02-05). "SC Magazine Awards Europe 2013 - shortlist announced". SC Magazine. Retrieved 2015-10-01. 
  18. ^ "Winners of the 9th Annual 2013 Info Security's Global Excellence Awards". Info Security Products Guide. 2013. Retrieved 2015-10-01. 
  19. ^ "Venafi Encryption Director Wins SIIA CODiE Award for Best Security Solution". Market Wired. 2012-05-24. Retrieved 2015-10-01. 
  20. ^ "2012 CODiE Award Winners". SIIA CODiE Awards. 2012. Retrieved 2015-10-01. 
  21. ^ Sturdevant, Cameron (2012-02-29). "Security: RSA 2012: eWEEK Labs Picks the 21 Hottest Security Vendors". eWeek Labs. Retrieved 2015-09-30. 
  22. ^ "Winners of the 8th Annual 2012 Info Security's Global Excellence Awards". infosecurityproductsguide.com. 2012. Retrieved 2015-10-01. 
  23. ^ "Winners of the 7th Annual 2011 Global Product Excellence Awards". infosecurityproductsguide.com. 2011. Retrieved 2015-10-01. 
  24. ^ Kensek, Craig (2011-02-03). "SC Awards Europe 2011 - Finalists Announced". Retrieved 2015-10-01. 
  25. ^ "X.509 Certificate Management: Avoiding Downtime and Brand Damage". Gartner.com. 2011-04-11. Retrieved 2015-10-01. 
  26. ^ Stephensen, Peter (2010-12-01). "Innovators 2010: The top security companies". SC Magazine. Retrieved 2015-10-01. 
  27. ^ "Cool Vendors in Data and Infrastructure Protection". Gartner.com. 2010-04-14. Retrieved 2015-10-01. 
  28. ^ "Global Product Excellence – Customer Trust". infosecurityproductsguide.com. 2009. Retrieved 2015-10-01. 
  29. ^ Messmer, Ellen and Garretson, Cara (2007-10-15). "10 IT security companies to watch". InfoWorld. Retrieved 2015-09-30. 
  30. ^ "IMCentric Recognized as One of Utah's Top 20 High-Tech Companies". Business Wire. 2004-11-15. Retrieved 2015-09-30.