Venafi Firefly enhances the security of machine identities for cloud-native applications

Venafi has introduced Venafi Firefly, the lightweight machine identity issuer that supports highly distributed, cloud native environments.

Part of the Venafi Control Plane for Machine Identities, Firefly enables security teams to securely meet developer-driven machine identity management requirements for cloud native workloads by issuing machine identities, such as TLS and SPIFFE, locally at high speeds across any environment.

By delivering added speed, reliability, and security for machine identities in modern architectures, it helps organizations ensure identities adhere to corporate security policies, while accelerating application development and digital transformation.

“With an increasing number of organizations moving to modern, cloud native architectures that are highly distributed, there is a growing need for machine identities in modern applications to be delivered at scale with near-zero latency to address key challenges around authentication,” said Shivajee Samdarshi, CPO at Venafi.

“Venafi Firefly addresses these critical challenges in a fast, easy and secure way. It reduces security risks while also eliminating inefficiencies that often slow development teams down and future-proofing organizations against the challenges of tomorrow,” Samdarshi continued.

Firefly is delivered as an easy-to-deploy container that can run in any cloud native environment, providing a secure way to issue machine identities. Machine identity policy is configured in the Venafi Control Plane and inherited by Firefly instances.

Together, the Venafi Control Plane and Venafi Firefly provide a lightweight, distributed architecture that makes Firefly the only machine identity issuer for modern use cases requiring local high-speed autonomous issuance, low-latency cloud native use cases and advanced CI/CD with identity provider embedded in the pipeline.

Key capabilities include:

• Observability – Through the Venafi Control Plane, Firefly delivers visibility into distributed issuance activity. This extends Control Plane observability of machine identities from the datacenter to the cloud and the edge.
• Consistency – Firefly gives security teams control over policy for machine identities issued to modern applications in cloud native environments and ensures developers use a secure and consistent issuer.
• Reliability – Firefly requires minimal infrastructure to deploy in production to achieve high availability and fault tolerance.
• Freedom of choice – Venafi Firefly has multiple deployment options, including cloud native, DevOps, cloud and federated PKI environments, giving developers flexibility to use Firefly wherever and whenever it’s needed.

Venafi Firefly is reducing complexity and increasing the speed of development, while at the same time increasing security for machine identities needed for modern cloud native applications.

“At Diebold Nixdorf, refactoring legacy applications to be cloud native is a priority for us. We need to give developers and platform teams a machine identity issuer that is lightweight, works on all cloud platforms, is super high speed and is easy to deploy,” said Scott Barronton, CISO at Diebold Nixdorf.

“Venafi Firefly meets these required capabilities. In addition, it gives security teams visibility and policy control over machine identities. It combines the best of two worlds — we can go as fast as we need to and do so securely,” Barronton concluded.