Keyfactor

Keyfactor
Formerly	Certified Security Solutions (CSS)
Company type	Private
Industry	Information security; Identity and access management (IAM); Public key infrastructure; Digital identity; Cryptography
Founded	2001
Headquarters	Independence, Ohio
Area served	Worldwide
Key people	Jordan Rackie (CEO)
Website	www.keyfactor.com

Keyfactor Inc. is a global cybersecurity company headquartered in Independence, Ohio. It specializes in digital trust, identity, and cryptography management solutions, which are key to modern IT infrastructure. These services focus on securing and managing cryptographic assets like cryptographic keys and digital certificates. The company was originally founded as Certified Security Solutions (CSS) in 2001 by Kevin von Keyserling and Ted Shorter, and has become a leading provider in digital identity and cybersecurity.

The US-based cybersecurity company helps organizations, governments, and enterprise businesses in automating the discovery, creation, deployment, and renewal of digital certificates and other cryptographic assets. This ensures devices, applications, workloads, AI agents, and users can be securely authenticated without manual intervention. In addition to certificate management, Keyfactor offers solutions for identity-based security, IoT device authentication, and cryptographic posture management, helping organizations meet compliance requirements and reduce operational and security risk.

History

Certified Security Solutions (2001-2018)

Certified Security Solutions (CSS) was co-founded as a PKI consulting firm in 2001 by Kevin von Keyserling and Ted Shorter. From the outset, the company specialized in cybersecurity consulting for large enterprises. They focused on securing PKI and machine identities for large Microsoft enterprise environments, to help set up and manage their infrastructure. At the time, very few firms deeply understood Microsoft security internals, giving CSS a major advantage in the cybersecurity space. In 2006, this specialty was recognized by Microsoft, who awarded CSS Microsoft Certified Gold Partner status.^[1] In the same year, CSS was a Microsoft Security Solutions Technology Innovation Partner of the Year Finalist.^[2]

In 2008, CSS opened its first office, located in Ohio, where Keyfactor continues to be headquartered today.^[3] Kevin Von Keyserling also became the company CEO that year.^[4] Throughout the 2000s, CSS branched into other areas of cybersecurity. Identity & Access Management became a major service for the corporation, as active directory mismanagement and hacks would often bring entire corporations to a halt. CSS launched the Certificate Reporting Tool (CRT) in 2009, which was eventually integrated into Keyfactor's Certificate Management System (CMS), now known as Keyfactor Command.^[5]

A vulnerability in the Simple Certificate Enrollment Protocol (SCEP) was detected by the CSS team in 2012 and they worked with United States Computer Emergency Readiness Team to produce a vulnerability report on SCEP.^[6]^[7] The vulnerability used the SCEP system to access corporate servers or email. As a result of the vulnerability, Microsoft changed a number of its policies to protect users.^[8]

During this period, CSS began to create a foundation of cybersecurity services and solutions, focused on digital identity, which included public key infrastructure (PKI), certificate management, and IoT security solutions. Their success in these fields led to CIO listing CSS as one of its top cybersecurity companies for 2015, positioned third on their list.^[9] With a continued strategy of becoming a major cybersecurity company, CSS integrated with SAP HANA Cloud Platform for IoT in 2016.^[10]

Keyfactor (2018-present)

In 2018, CSS announced that it was to undergo a rebrand, changing its brand name to Keyfactor.^[11] It announced it had closed a funding round of $77 million in January 2019,^[12] which was led by Insight Partners.^[13] Later that year it was announced that Jordan Rackie would be stepping in as CEO, replacing Kevin von Keyserling, who would remain with Keyfactor as Chief Strategy Officer.^[14]

Around the time of the rebrand, Keyfactor continued to strengthen its enterprise and IoT security ecosystem. It joined Thales Security's alliance to integrate its PKI and certificate management solutions with HSMs.^[15] Keyfactor also launched its SCEP Validation Service to enhance secure certificate enrollment for Microsoft NDES environments. It also formally launched the Keyfactor Command product.^[16]

In July 2019, Keyfactor announced its first major acquisition since Insight Partners became the majority shareholder: Spain-based Redtrust, which operated as a digital identity firm, providing centralized certificate and digital signature management. The acquisition would broaden Keyfactor's customer base and service offering, with Redtrust having clients in highly regulated industries such as banking, insurance, infrastructure, and healthcare.^[17]

In April 2021, Keyfactor raised an additional $125 million via a funding round led by Insight Partners.^[18] Keyfactor then merged with PrimeKey, Swedish-based founder of open-source based PKI and signing software, EJBCA and SignServer.^[18]

By 2023, Keyfactor had become a leading expert in addressing challenges in the control of PKI and machine identities at scale.^[19] They announced in February 2024 that the company had surpassed $100 million in annual recurring revenue (ARR) for the first time.^[20]

With an increased focus in the industry on post-quantum cybersecurity, Keyfactor acquired Infosec Global from Merlin Ventures in May 2025.^[21] The deal was thought to be worth hundreds of millions, according to technology publication CTech.^[22] They also acquired CipherInsights , a passive network listener capable of identifying cryptographic risk factors in real-time, around the same period.^[23] In January 2026, Keyfactor announced a senior addition to its staff, with Michael Volanoski joining in a dual role as its president and chief revenue officer.^[24]

Applications

Keyfactor, through acquisition and diversification, has become a full-stack trust infrastructure platform since its inception in 2001. Many of its services relate to enterprise-level cybersecurity threats and protection. This includes spotting and protecting enterprises from vulnerabilities with digital certificates and public key infrastructure.^[25]

EJBCA

EJBCA is an open-source and enterprise public key infrastructure (PKI) software platform originally developed by PrimeKey, now part of Keyfactor. It is used to issue and manage digital certificates for things like IoT devices, enterprise users, servers, and secure communications. It supports large-scale, high-assurance environments and is known for flexibility, automation, and standards compliance. In short, it is the foundation of certificate management behind many secure systems.^[26]

Command

Keyfactor Command is a certificate lifecycle automation platform designed to help organizations discover, manage, and automate TLS/SSL and other digital certificates across hybrid environments. It reduces outages and security risks caused by expired or mismanaged certificates. Command integrates with CAs, DevOps tools, cloud platforms, and enterprise systems to centralize visibility and control. It provides a centralized overview of certificate activity and management across an organizationâs entire certificate ecosystem.^[27]

Signum

Keyfactor Signum is an enterprise code signing platform that centralizes and secures signing operations through policy-based access controls. Lightweight client agents for Windows, Linux, and macOS integrate with native signing tools like Microsoft SignTool via CSP/KSP and PKCS#11, allowing developers to sign without changing their existing toolchains. Private keys are stored on an HSM and never leave its boundary, ensuring signing certificates remain protected even when surfaced to authenticated users and machines.^[28]

SignServer

SignServer is a server-based digital signing software platform, originally developed by PrimeKey. It leverages the Bouncy Castle cryptographic library for its core signing operations, enabling high-performance, centralized signing across use cases like document signing, code signing, timestamping, and e-passports. It supports hardware security modules (HSMs) for secure key storage and is built for scalable, automated environments. Certificates issued by a PKI platform such as EJBCA can be deployed to SignServer, where they are used to sign artifacts at high volume and speed.^[29]

Keyfactor AgileSec

Keyfactor AgileSec, originally developed by InfoSec Global and now a part of Keyfactor, helps organizations inventory and assess cryptographic assets across an organizationâs entire IT ecosystem. This is especially important for post-quantum cryptography readiness and helps enterprises understand where and how encryption is used, and whether it meets current and future security standards.^[22]

References

^ "Certified Security Solutions, Inc. Earns Microsoft Gold Certified Partner Status". CSS. Archived from the original on May 24, 2015.
^ "Microsoft Announces 2006 Partner Program Award Finalists and Select Category Winners". Microsoft. July 6, 2006.
^ "Certified Security Solutions, Inc. Opens Branch Office in Cincinnati, Ohio". CSS. Archived from the original on May 3, 2015.
^ "Certified Security Solutions, Inc. Elects Kevin Von Keyserling To President And Chief Executive Officer". CSS. July 2, 2008. Archived from the original on September 3, 2016.
^ Galehouse, Gary (July 5, 2012). "Writing Event Plugin Handlers for the Certificate Management System (CMS)". Keyfactor.
^ "CSS Uncovers SCEP Vulnerability For Mobile Devices In The Enterprise". PR Newswire.
^ "Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests". United States Computer Emergency Readiness Team.
^ "Using a Policy Module with the Network Device Enrollment Service". Microsoft.
^ "Top 20 Cyber Security Solutions in 2015". CIO (magazine).
^ Hamilton, Debra. "CSS to integrate security solution with SAP HANA Cloud Platform for IoT". SAP.
^ "Certified Security Solutions Re-Brands As Keyfactor". Keyfactor.
^ Wiggers, Kyle (January 22, 2019). "Keyfactor raises $77 million to simplify digital security management". VentureBeat.
^ "Keyfactor Secures $77 Million from Insight Venture Partners". Wall Street Journal. January 22, 2019.
^ Nobile, Jeremy (June 4, 2019). "Keyfactor expands leadership team, names new CEO in Jordan Rackie". Crain's Cleveland.
^ "Certified Security Solutions (CSS) Partners with Thales to Deliver Highly Scalable and Secure Enterprise Public Key Infrastructure (PKI) Management Solutions". PR Newswire.
^ "Support tip: Implementing strong mapping in Microsoft Intune certificates". Microsoft. February 9, 2024.
^ "Keyfactor acquires Spanish digital identity firm Redtrust". Security Info Watch. July 2, 2019.
^ ^a ^b O'Brien, Chris (April 15, 2021). "Keyfactor raises $125M and merges with PrimeKey to create a machine identity management platform". VentureBeat.
^ Columbus, Louis (April 13, 2023). "Managing machine identities in a zero-trust world". VentureBeat.
^ Alspatch, Kyle (February 13, 2024). "Keyfactor CEO On Reaching $100M ARR Amid Identity Security Surge". CRN (magazine).
^ "InfoSec Global, a Keyfactor Company, Secures Second U.S. Patent for Cryptographic Agility". Financial Post. October 2, 2025.
^ ^a ^b "Keyfactor acquires InfoSec Global as Merlin Ventures notches strategic exit". CTech. May 17, 2025.
^ Suttell, Scott (May 13, 2025). "Two acquisitions power more growth at Keyfactor". Crain Communications.
^ "Keyfactor appoints new president, chief revenue officer". Crain's Cleveland. January 5, 2026.
^ Osborne, Charlie (February 11, 2020). "Enterprise companies struggle to control security certificates, cryptographic keys". ZDNet.
^ "Field Notice: FN - 72013 - Cisco APIC-EM Root Certificate Expiration Causes All IWAN DMVPN Connections to Fail - Software Upgrade Recommended". Cisco. December 18, 2020. Retrieved May 5, 2021.
^ Riley, Duncan. "Keyfactor unveils certificate risk management solution with enhanced visibility". SiliconAngle.
^ "Keyfactor Signum Strengthens Software Supply Chain Security Without Slowing Productivity". BusinessWire. October 11, 2022.
^ "IBM and Keyfactor Partner for Enterprise Post-Quantum Security". The Quantum Insider. January 22, 2026.

[1] "Certified Security Solutions, Inc. Earns Microsoft Gold Certified Partner Status". CSS. Archived from the original on May 24, 2015.

[2] "Microsoft Announces 2006 Partner Program Award Finalists and Select Category Winners". Microsoft. July 6, 2006.

[3] "Certified Security Solutions, Inc. Opens Branch Office in Cincinnati, Ohio". CSS. Archived from the original on May 3, 2015.

[4] "Certified Security Solutions, Inc. Elects Kevin Von Keyserling To President And Chief Executive Officer". CSS. July 2, 2008. Archived from the original on September 3, 2016.

[5] Galehouse, Gary (July 5, 2012). "Writing Event Plugin Handlers for the Certificate Management System (CMS)". Keyfactor.

[6] "CSS Uncovers SCEP Vulnerability For Mobile Devices In The Enterprise". PR Newswire.

[7] "Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests". United States Computer Emergency Readiness Team.

[8] "Using a Policy Module with the Network Device Enrollment Service". Microsoft.

[9] "Top 20 Cyber Security Solutions in 2015". CIO (magazine).

[10] Hamilton, Debra. "CSS to integrate security solution with SAP HANA Cloud Platform for IoT". SAP.

[11] "Certified Security Solutions Re-Brands As Keyfactor". Keyfactor.

[12] Wiggers, Kyle (January 22, 2019). "Keyfactor raises $77 million to simplify digital security management". VentureBeat.

[13] "Keyfactor Secures $77 Million from Insight Venture Partners". Wall Street Journal. January 22, 2019.

[14] Nobile, Jeremy (June 4, 2019). "Keyfactor expands leadership team, names new CEO in Jordan Rackie". Crain's Cleveland.

[15] "Certified Security Solutions (CSS) Partners with Thales to Deliver Highly Scalable and Secure Enterprise Public Key Infrastructure (PKI) Management Solutions". PR Newswire.

[16] "Support tip: Implementing strong mapping in Microsoft Intune certificates". Microsoft. February 9, 2024.

[17] "Keyfactor acquires Spanish digital identity firm Redtrust". Security Info Watch. July 2, 2019.

[venturebeat-18] O'Brien, Chris (April 15, 2021). "Keyfactor raises $125M and merges with PrimeKey to create a machine identity management platform". VentureBeat.

[19] Columbus, Louis (April 13, 2023). "Managing machine identities in a zero-trust world". VentureBeat.

[20] Alspatch, Kyle (February 13, 2024). "Keyfactor CEO On Reaching $100M ARR Amid Identity Security Surge". CRN (magazine).

[21] "InfoSec Global, a Keyfactor Company, Secures Second U.S. Patent for Cryptographic Agility". Financial Post. October 2, 2025.

[ctech-22] "Keyfactor acquires InfoSec Global as Merlin Ventures notches strategic exit". CTech. May 17, 2025.

[23] Suttell, Scott (May 13, 2025). "Two acquisitions power more growth at Keyfactor". Crain Communications.

[24] "Keyfactor appoints new president, chief revenue officer". Crain's Cleveland. January 5, 2026.

[25] Osborne, Charlie (February 11, 2020). "Enterprise companies struggle to control security certificates, cryptographic keys". ZDNet.

[26] "Field Notice: FN - 72013 - Cisco APIC-EM Root Certificate Expiration Causes All IWAN DMVPN Connections to Fail - Software Upgrade Recommended". Cisco. December 18, 2020. Retrieved May 5, 2021.

[27] Riley, Duncan. "Keyfactor unveils certificate risk management solution with enhanced visibility". SiliconAngle.

[28] "Keyfactor Signum Strengthens Software Supply Chain Security Without Slowing Productivity". BusinessWire. October 11, 2022.

[29] "IBM and Keyfactor Partner for Enterprise Post-Quantum Security". The Quantum Insider. January 22, 2026.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]

[24]

[25]

[26]

[27]

[28]

[29]