Venafi news stories
82% of CIOs say software supply chains are vulnerable
A new study from Venafi has found 82% of CIOS say their organisations are vulnerable to cyberattacks targeting software supply chains.
Orgs increasingly vulnerable to supply chain attacks - study
“We can’t solve this problem using existing methodologies. Instead, we need to think differently about the identity and integrity of the code we are building."
Jetstack promotes better security with supply chain toolkit
The web-based resource is designed to help organisations evaluate and plan the crucial steps they need to establish effective software supply chain security.
Digital transformation drives rise of machine identities
Digital transformation is driving an average of 42% annual growth in the number of machine identities, according to a new study from Venafi.
Aussie IT leaders say ransomware a national security threat
New research has found extortion continues even if a ransom is paid, while CISOs are under increasing pressure.
False sense of security plagues organisations threatened by ransomware
"Unfortunately, our research shows that while most organisations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks."
The challenges of improving software supply chain security
There is a glaring disconnect between executive concern and executive action when it comes to guarding against SolarWinds-style supply chain attacks.
Security professionals unprepared for escalating software supply chain attacks
IT security professionals and developers aren’t completely confident in their ability to defend against another SolarWinds/Codecov-style supply chain attack.
CIOs massively underestimate Secure Shell risks - study
While CIOs say they are concerned about the security risks SSH machine identities pose, Venafi data indicates they seriously underestimate the scope of these risks.
Machine identities increasingly exploited, new research finds
Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.
Business Intelligence / BI
Malware attacks abusing machine identities grew eightfold over the last 10 years - report
"Machine identity capabilities have become commoditised and are being added to off-the-shelf malware, making it more sophisticated and harder to detect."
CIOs put too much trust in TLS certificates - survey
Despite the prolific usage of TLS certificates within organisations, many CIOs aren't concerned about security risks associated with TLS machine identities.
Venafi acquires Jetstack, brings greater security to digital transformation
"Our team is thrilled to join Venafi so we can accelerate our plans to bring machine identity protection to the cloud native stack, grow the community and contribute to a wider range of projects across the ecosystem.”
'We are in a permanent state of cyber warfare' say 88% of IT pros
“Powerful attack methods, like establishing backdoors with machine identities, are now available as commodity malware, making it harder for security professionals to defend against these attacks.”
Unprotected machine identities costing firms billions - report
Organisations worldwide could recover a collective total of between US$51 billion to as much as US$72 billion just by repairing their poorly protected machine identities.
Cyber-gangs using SSH identities to sell on the black market
Only 10% of organisations believe they have complete and accurate intelligence over all SSH machine identities.
Security teams could be slowing down DevOps, survey shows
Venafi has released the findings of its latest survey, revealing 75% of DevOps professionals say certificate issuance policies slow them down.
Four mistakes that can plague PKI administrators
These mistakes increase security risks and negatively impact the reliability and availability of business-critical network resources, Venafi has found.
75% of DevOps professionals say certificate issuance policies slow them down
Less than half of DevOps professionals believe developers always request certificates that serve as machine identities through authorised channels.
Venafi uncovers suspicious retail lookalike domains using valid certificates
The total number of certificates using lookalike domains is more than 400% greater than the number of authentic retail domains.
F5 integrates BIG-IQ into Venafi Machine Identity Protection Platform
The integration allows network operations to orchestrate the lifecycle of SSL/TLS certificates and ensure security policies are enforced across devices.
Govts risk cyber attacks if they continue to demand encryption backdoors
Governments that flout encryption best practice and mandate the inclusion of backdoors into technology are putting their entire countries at risk, according to security professionals.
Venafi announces guarantee for no certificate-related outages
Eliminating certificate-related outages within complex, multi-tiered architectures can feel like an impossible effort.
New code-signing solution released by Venafi
Machine identity protection solution secures code signing across organisations and guards against unauthorised use.