Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I’m an old engineer at heart. Many of my ideals were formed by Joel’s Things You Should Never Do, Fred’s No Silver Bullet, and Brian’s Big Ball of Mud. One of my favorites was Greenspun’s Tenth Rule: The joke isn’t really about programming languages. It’s about a pattern: certain problems have a shape, and no matter how you approach them, you end up building the same solution, in the same order, until you arrive at the same messy place.

A few practical improvements this week, mostly driven by what we’re learning as customers deploy CertKit into larger infrastructures.

Two big things in this release, a remote-updating CertKit agent Google Trust Store CA issuer support.

In preparation for launching CertKit last week, I browsed the websites of a lot of related cybersecurity services. I don’t really understand what any of them do, but apparently, “trust” is a thing that can be sold now.

CertKit is officially out of beta. We started building CertKit a year ago, and since then over 600 people signed up, issued certificates, and deployed to their infrastructure. Several are running it as their production certificate management platform right now. We built a lot during the beta. Some of it we planned: SSO, team management, alerting. Other things, users had to beat into us. The Keystore came from enterprise security requirements to keep private keys in house.

We release some good stuff this week with the CertKit agent version 1.8 from our roadmap, along with some small usability fixes in the CertKit web application.