Cloud Native Machine Identity Management Downloaded Millions of Times a Day

Cloud native machine identities create tipping point for the adoption of Zero Trust security models

“Today, every business – irrespective of industry – develops software, and most of these businesses have accelerated their migration to cloud native development methodologies to speed up software innovation,” said Kevin Bocek, vice president of threat intelligence at Venafi. “This shift has dramatically increased the number of machines on enterprise networks accelerating the adoption of identity centric security models, like zero trust,” according to Bocek.

“There’s a direct correlation between the increasing number of applications and data hosted outside of traditional networks, and the increasing volume and sophistication of the security threats targeting cloud native environments,” Bocek added.

Identity management for machines, which include devices, applications and containers, is much more complex than identity management for humans; this is why existing security frameworks don’t solve the problem. This complexity, combined with the rapid growth in Kubernetes adoption, is creating new identity management challenges for security teams already stretched by the shortage of skilled resources.

“As organizations look to implement zero trust principles to secure their fast-growing cloud native environments, an identity-first security model becomes a required capability,” said Matthew Bates, CTO and co-founder of Jetstack, a Venafi company focused on cloud native. “The human-centric and location based legacy security mechanisms we have relied on previously are no longer fit for purpose.”

Cert-manager allows developers to ship software that is secure by default

Cert-manager was created by Jetstack as an open source project to simplify the automation of certificate management within Kubernetes. Cert-manager builds natively on top of the Kubernetes API to issue and renew X.509 certificates from popular public and private certificate issuers, including Let’s Encrypt, Hashi Corp Vault and the Venafi Trust Protection Platform. Cert-manager has hundreds of contributors and 8.9K stars on GitHub. In 2020 it was accepted into the CNCF and the Jetstack team continues to maintain the project making over 70% of all code commits to the project.

Bates continued, “In Kubernetes and OpenShift clusters unique, trusted machine identities are required across the stack to enable secure communications north-to-south and east-to-west, and to provide the identity foundations for fine-grained authorization controls. The open source cert-manager project makes it easy and fast for developers to ship software that is secured by default, helping to manage all machine identities. With over 5.6 million Kubernetes developers worldwide, it shouldn’t surprise anyone that cert-manager is downloaded millions of times a day. It is clearly the de-facto standard for managing and security machine identities in cloud native environments. We’re thrilled to maintain and invest in this critical project in the open source ecosystem.

Resources:

Cert-manager on GitHub

Enterprise grade products and support for cert-manager

About Venafi and Jetstack

 Venafi is the cybersecurity market leader in machine identity management. From the ground to the cloud, Venafi solutions manage and protect identities for all types of machines—from physical and IoT devices to software applications, APIs and containers. Venafi provides global visibility, lifecycle automation and actionable intelligence for all machine identity types and the security and reliability risks associated with them.

Jetstack, a Venafi company, is a cloud native products and strategic consulting company working with enterprises using Kubernetes and OpenShift.

An open source pioneer, Jetstack has achieved notable industry recognition as the creator of cert-manager, the open source industry standard for cloud native machine identity management. Jetstack’s open source products and solutions protect the application environments and platform infrastructure of global banks, multinational retailing companies and defense organizations by providing enterprise platform and security teams the power to build, scale and security their cloud infrastructure.

With more than 30 patents, Venafi delivers innovative machine identity management solutions for the world’s most demanding, security-conscious organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the four top accounting and consulting firms; four of the five top U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa.

Related Posts

• Open Source Makes Machine Identities on Kubernetes Accessible for All
• Google CAS Supports cert-manager and Jetstack Secure for Cloud Native and Private PKI
• Pulumi Policy-as-Code for cert-manager Simplifies Machine Identity Management
• Open-Source Community: CNCF Sandbox Accepts Cert-Manager

Venafi today announced that cert-manager, the open source standard for cloud native machine identity management created by Jetstack, a Venafi company, has been downloaded more than 1 million times a day for the last 18 months. This data brings into sharp relief the critical importance of machine identity management to the security of containers in cloud native environments.