Venafi today announced that it has raised $39 million to help fuel its growth in the security certificate management space. The new Series F funding, led by QuestMark Partners with the participation of Intel Capital and Silver Lake Waterman, brings the company’s total financing to $101 million.
“To be able to get to all the companies that need our help, in terms of both products and services, you need money,” Jeff Hudson, CEO at Venafi told eWEEK. “We could have grown slower without the new money, but we want to grow faster, because the need is there and the bad guys are winning the battle.”
Hackers are increasingly going after security keys and certificates that are not properly protected, Hudson said.
Venafi’s Trust Protection Platform provides digital certificate management capabilities that help enable IT organizations to control and secure security certificates that are used for Secure Sockets Layer/Transport Layer Security (SSL/TLS).
“We are a private company, and our investors see a huge upside to what we’re doing,” Hudson said. “The logical step for this company is to be a public company. You can imagine that will happen, but we’re not planning that per se. Some companies say they’re planning on going public. I’m saying we’re planning on protecting the world, and being a public company will happen along the way as part of the process.”
From a competitive standpoint, Certificate Authorities (CAs) sell digital certificates and some also offer management capabilities. Hudson emphasized that the goal of many CAs is to sell more certificates while Venafi has a broader perspective that is CA-independent and looks at security of all certificates.
While CA-issued SSL/TLS certificates provide authenticity and integrity checks provided by a CA, many enterprises will also use self-signed certificates that they create and validate themselves. That’s an area where Hudson sees Venafi playing a key role, helping organizations keep track of all certificates, regardless of the issuer. A large enterprise could have thousands of self-signed certificates that need to be managed and monitored, he said.
“We constantly monitor certificates. We know who the owners are [and] where the certificates belong, and we know the devices they are on,” Hudson said. “We build the trust pile—how much an organization trusts a certificate, whether it comes from an external CA or from an internal capability.”
In case something goes wrong, Venafi’s technology also enables rapid detection so a certificate can be replaced, if needed. As the use of virtualization grows, so too does the certificate use within an organization, Hudson said.
“In a virtual software-defined environment, corporations will spin up thousands of virtual machines, and they need to be able to immediately get a certificate, install it automatically and then be able to remove the certificate when the virtual machine goes away,” Hudson said.
With the emerging Internet of things (IoT) landscape, the need for security certificate management is likely to grow even further as an increasing number of devices needs to connect to the Web securely, Hudson said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.