EZCA allows you to run and scale your own highly available private CA service without the upfront investment and ongoing maintenance costs of operating a private CA or private CA hierarchy. Whether you are creating a new private PKI hierarchy or chaining up to your existing Root CA, EZCA will help you create a secure and cloud-scale Azure based Certificate Authority that meets and exceeds industry standards.
One of the main reasons many Azure customers chose EZCA as their Azure Certificate Authority is because of our native integrations with Azure services, making it easy for you to create your PKIaaS in Azure and set it and forget it, EZCA will then take care of all the certificate management operations, from running a world class CA, to more tedious tasks such as keeping track of certificates and automatically rotating them.
The first step for getting started with EZCA, is creating your PKI subscription in Azure. With our Azure marketplace listing, you can create your cloud CA in minutes and start issuing SSL certificates.
Intune enables you to manage your organization's devices without the need to have an on-premises domain. Now with EZCA you can easily create an Azure based certificate authority for Intune and issue SCEP certificates without the overhead of managing an ADCS (Active Directory Certificate Services) and Intune SCEP connector instance.
While EZCA offers many automatic certificate issuance protocols such as SCEP and ACME (Automated Certificate Management Environment) one of the most used features is our one-click Azure Key Vault certificate creation and management integration. This integration enables users to securely create and manage certificates following Azure best practices with an HSM (Hardware Security Module) backed Azure Key Vault. This integration fully automates certificate issuance in Azure.
With the exponential growth of cloud services, the identities that protect those services have also exponentially grown, making it impossible for humans to securely manage the identities for those cloud services. To help organizations automate their certificate rotation we are proud to say EZCA is the only PKIaaS that offers automatic AAD (Azure Active Directory) Application Certificate Rotation.
With IoT's gaining popularity, it has become a must have for many businesses, but as any emerging technology, IoT has been also grabbed the attention of hackers. Most IoT attacks from small attacks directed to specific companies, to large scale attacks such as the attack on DNS infrastructure by the Mirai Botnet, have a weak identity story to manage the IoT devices in common. To make it easier for organizations to get up and running with Azure IoT Hub certificate authentication we have created a guide on IoT identity security best practices and created a one-click integration with Azure IoT that allows you to easily create your Azure based CA and connect it with Azure. We have also created Azure IoT Authentication code samples connected to our Azure IoT certificate authority that enable you to have a working prototype in days instead of months.
As a Microsoft Security partner, we could not create an Azure based PKI without sending all alerts and logs to Azure Sentinel. All Keytos tools send all security logs to Azure Sentinel allowing you to have a single pane of glass where your SOC team can monitor your infrastructure and detect anomalies.