Unbound vHSM
Updated Jul. 19 2021

To improve security, meet compliance requirements, increase efficiencies, and simplify machine identity management, Venafi and Unbound have combined the benefits of automated key and certificate lifecycle management to secure machine identities without the need for dedicated hardware-based infrastructure.
Business Outcomes
  • Automate and remotely manage key and certificate lifecycle operations

  • Gain complete visibility of cryptographic operations across all environments – on-premises, in the public/private cloud, and distributed geolocations

  • Enhance protection of machine identities securing sensitive and confidential data

  • Enable trust in applications and devices supporting critical business

Integration Features
  • FIPS 140-2 Level 2 pure software module that provides strong protection for all types of cryptographic keys and secrets

  • Support DevSecOps with standard cryptographic protocols - including PKCS11, KMIP, CNG, OpenSSL, Java Crypto, etc, as well as REST API

  • Automatically synchronizes keys and secrets across all geolocations and environments

Solution Overview

The process of securing machines and the keys that identify them involves multiple layers: management, visibility, compliance, and protection of the actual keys themselves. Holistic solutions that address all layers are in high demand. Beyond the management component, one of the central challenges of achieving this in modern environments has been the requirement to protect keys from theft using physical Hardware Security Modules. This approach can be problematic.

Coupled together, Venafi’s Trust Protection Platform and Unbound Security’s NextGen virtual Hardware Security Module (vHSM®) delivers a complete out-of-the-box solution for machine identity management, all in software. This combined offering enables organizations to easily deploy machine identity management, in a software-only solution that provides the highest level of protection for all keys and secrets.