Unite and Conquer: DigiCert and Vercara’s Unified PKI-DNS Solution Helps to Tackle the Challenges Posed by the IoT and Post-Quantum Computing

DigiCert has finalized its acquisition of Vercara, confirming the integration of Vercara’s UltraDNS, UltraDDoS Protect, UltraWAF, UltraAPI, and UltraEdge solutions with the DigiCert ONE platform. Vercara’s products boast an enterprise-grade, managed, and authoritative Domain Name System (DNS) service, as well as Distributed Denial of Service (DDoS) mitigation, web application firewall, and Application Programming Interface (API) security services. Its integration with DigiCert’s existing Public Key Infrastructure (PKI) and certificate management suite yields a unified PKI and DNS solution that promises to deliver End-to-End (E2E) certificate management from domain validation to certificate management for global enterprises.

DigiCert and Vercara’s partnership leads the charge in providing a unified PKI-DNS solution, availing themselves of the previously untapped potential in this space and solidifying DigiCert’s position as a leading provider in digital trust services. The Vercara acquisition follows DigiCert’s incorporation of the DNS Made Easy solution in June 2022 and represents the growing expansion of its portfolio from PKI and certificate management to integrated PKI-DNS services. Given the interdependency between DNS and PKI in server authentication, the latest addition of Vercara’s UltraDNS solution to DigiCert’s digital trust offering positions it to provide comprehensive E2E protection for complex online infrastructure. Customers will be able to register a domain using the DNS, creating an authorization code that enables the certificate authority to automatically verify them as the domain owner, and ultimately authenticate and encrypt all communications to and from that domain through a digital certificate. With the additional integration of Vercara’s UltraDDoS Protect, WAF, API, and Edge services, DigiCert’s digital trust suite equips customers with enhanced DDoS protection and application security. By streamlining certificate and domain validation in this manner, the unified services are expected to expand DigiCert’s established customer base, broadening beyond mid-market players to target global enterprises. These multinationals will be able to select and integrate the applications they need from this turnkey platform in a modular manner, benefitting from the enhanced ease, flexibility, scalability, and reduced management overhead provided.

DigiCert’s transition to an integrated PKI-DNS offering is indicative of a prevalent trend in the PKI and digital trust markets generally:  integration of complementary services into unified frameworks and automation of the tools within. Large enterprises are increasingly grappling with mercurial application and system needs within their internal digital infrastructure, creating and stimulating a buying preference for one-stop shop and as-a-Service offerings, particularly in the PKI space. DigiCert and Vercara’s partnership serves as an effective case study for vendors hoping to get ahead within the digital trust space and PKI subsegment. To meet escalating demands from customers within the PKI market, vendors should:

• Focus on Product Integration and Unification of Complementary Tools: Given the growing complexity and costs associated with digital certificate provisioning, enterprises are increasingly favoring customizable as-a-Service platforms with a broad selection of functionalities to choose between. Integrating complementary tools and services can help plug vendors’ existing functionality gaps, expanding their customer base and naturally driving their competitive positioning in the burgeoning PKI-as-a-Service market.
• Harness the Power of Automation: By automating administrative tasks, including certificate issuance and renewal, vendors can provide robust PKI solutions that effectively enforce organizations’ PKI policies, while reducing overhead costs, limiting the risk of certificate provisioning errors and outages, as well as improving compliance.

Prioritizing initiatives that integrate complementary tools and utilize automation will help vendors combat threats posed by:

• IoT Devices: IoT device use has surged across verticals, generating increasingly higher demand for digital certificates and granting PKI a critical role in securing IoT interests across use cases. Yet, the bandwidth, storage, and computing capabilities required in traditional PKI is often incompatible with constrained IoT devices. DNS offers lightweight, yet scalable authentication options that can be combined with PKI solutions for the IoT. IoT devices are vulnerable to spoofing, man-in-the-middle, botnet, and DDoS attacks. By integrating application security tools, such as Vercara’s UltraDDoS Protect, WAF, API, and Edge services, unified PKI-DNS solutions offer more robust protection against IoT-related threats.
• Post-Quantum Computing (PQC): With attack-capable quantum computing on the horizon, PKI vendors must ensure their solutions are crypto-agile. Automating PKI solutions allows for quicker and more seamless transitions to new Certificate Authorities (CAs), injecting crypto-agility into PKI. Avoiding becoming locked-in to a particular vendor is necessary for crypto-agility. When offering unified services, vendors should do so in a flexible manner, allowing for agile transitions between services, and not as a lock-in strategy.