AppViewX Simplifies and Secures Certificate Lifecycle Management for Kubernetes Environments

AppViewX, the leader in automated machine identity management (MIM) and application infrastructure security, is unveiling AppViewX KUBE+, a solution designed to simplify certificate lifecycle management and reduce security vulnerabilities across Kubernetes environments. AppViewX KUBE+ offers comprehensive certificate visibility, end-to-end automation, and policy control, enabling Kubernetes users to secure containerized workloads at scale.

AppViewX KUBE+ addresses several security concerns for complex Kubernetes environments, including mitigating application outages, service disruptions, and security and compliance risks. The solution employs role-based access control and self-service capabilities to align DevOps, CloudOps, and InfoSec teams while managing thousands of certificates in Kubernetes.

“Whether standing up a cluster or securing its internal orchestration functions, Public Key Infrastructure (PKI) and TLS certificates are foundational to Kubernetes security since they provide strong authentication, encryption, and data integrity across containerized workloads,” said Ravishankar Chamarajnagar, chief product officer at AppViewX. “AppViewX KUBE+ enables cross-functional teams to automate and overcome the challenges of managing short-lived TLS certificates at scale and speed to ensure security in complex cloud-native environments.”

AppViewX’s Kubernetes-based solution discovers all SSL/TLS certificates across clusters, whether they are self-signed or from any Certificate Authority. AppViewX KUBE+ maintains a dynamic inventory of certificates which are automated to segment into groups and map to Kubernetes teams. End-to-end certificate lifecycle management includes processes from enrollment to auto-renewal of TLS (secure ingress traffic)/mTLS certificates in Kubernetes.

Additionally, AppViewX KUBE+ creates and enforces company-wide PKI policies to guarantee the usage of approved CAs, crypto-standards, and validity periods.

The solution supports all major Kubernetes platforms and services, including hybrid/on-prem environments—such as Openshift, Tanzu, and Rancher—and cloud provider solutions—such as Amazon EKS, Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). AppViewX KUBE+ also supports various service mesh products, including Istio and Linkerd.

“Broadcom’s platform engineering team is responsible for all our cloud assets which includes the Kubernetes-centric platform that supports our SaaS applications. Since we use various Certificate Authorities and self-signed certificates, we needed enterprise visibility to reduce the risk of outages and security concerns,” said Ganesh Janakiraman, head of cloud platform engineering at Broadcom. “AppViewX KUBE+ provides our teams with comprehensive discovery and visibility of thousands of certificates putting us in complete control of all certificates across hundreds of Kubernetes clusters.”

AppViewX KUBE+ is now generally available as a SaaS solution. It is part of the AppViewX Digital Identity Management Platform, which includes AppViewX CERT+ and AppViewX PKI+.

To learn more about AppViewX KUBE+, please visit