Keyfactor Inc. is a global cybersecurity company headquartered in Independence, Ohio. It specializes in digital trust, identity, and cryptography management solutions, which are key to modern IT infrastructure. These services focus on securing and managing cryptographic assets like cryptographic keys and digital certificates. The company was originally founded as Certified Security Solutions (CSS) in 2001 by Kevin von Keyserling and Ted Shorter, and has become a leading provider in digital identity and cybersecurity.
The US-based cybersecurity company helps organizations, governments, and enterprise businesses in automating the discovery, creation, deployment, and renewal of digital certificates and other cryptographic assets. This ensures devices, applications, workloads, AI agents, and users can be securely authenticated without manual intervention. In addition to certificate management, Keyfactor offers solutions for identity-based security, IoT device authentication, and cryptographic posture management, helping organizations meet compliance requirements and reduce operational and security risk.
Certified Security Solutions (2001-2018)
Certified Security Solutions (CSS) was co-founded as a PKI consulting firm in 2001 by Kevin von Keyserling and Ted Shorter. From the outset, the company specialized in cybersecurity consulting for large enterprises. They focused on securing PKI and machine identities for large Microsoft enterprise environments, to help set up and manage their infrastructure. At the time, very few firms deeply understood Microsoft security internals, giving CSS a major advantage in the cybersecurity space. In 2006, this specialty was recognized by Microsoft, who awarded CSS Microsoft Certified Gold Partner status.[1] In the same year, CSS was a Microsoft Security Solutions Technology Innovation Partner of the Year Finalist.[2]
In 2008, CSS opened its first office, located in Ohio, where Keyfactor continues to be headquartered today.[3] Kevin Von Keyserling also became the company CEO that year.[4] Throughout the 2000s, CSS branched into other areas of cybersecurity. Identity & Access Management became a major service for the corporation, as active directory mismanagement and hacks would often bring entire corporations to a halt. CSS launched the Certificate Reporting Tool (CRT) in 2009, which was eventually integrated into Keyfactor's Certificate Management System (CMS), now known as Keyfactor Command.[5]
A vulnerability in the Simple Certificate Enrollment Protocol (SCEP) was detected by the CSS team in 2012 and they worked with United States Computer Emergency Readiness Team to produce a vulnerability report on SCEP.[6][7] The vulnerability used the SCEP system to access corporate servers or email. As a result of the vulnerability, Microsoft changed a number of its policies to protect users.[8]
During this period, CSS began to create a foundation of cybersecurity services and solutions, focused on digital identity, which included public key infrastructure (PKI), certificate management, and IoT security solutions.[citation needed] With a continued strategy of becoming a major cybersecurity company, CSS integrated with SAP HANA Cloud Platform for IoT in 2016.[9]
Keyfactor (2018-present)
In 2018, CSS announced that it was to undergo a rebrand, changing its brand name to Keyfactor.[10] It announced it had closed a funding round of $77 million in January 2019,[11] which was led by Insight Partners.[12] Later that year it was announced that Jordan Rackie would be stepping in as CEO, replacing Kevin von Keyserling, who would remain with Keyfactor as Chief Strategy Officer.[13]
Around the time of the rebrand, Keyfactor continued to strengthen its enterprise and IoT security ecosystem. It joined Thales Security's alliance to integrate its PKI and certificate management solutions with HSMs.[14] Keyfactor also launched its SCEP Validation Service to enhance secure certificate enrollment for Microsoft NDES environments. It also formally launched the Keyfactor Command product.[15]
In July 2019, Keyfactor announced its first major acquisition since Insight Partners became the majority shareholder: Spain-based Redtrust, which operated as a digital identity firm, providing centralized certificate and digital signature management. The acquisition would broaden Keyfactor's customer base and service offering, with Redtrust having clients in highly regulated industries such as banking, insurance, infrastructure, and healthcare.[16]
In April 2021, Keyfactor raised an additional $125 million via a funding round led by Insight Partners.[17] Keyfactor then merged with PrimeKey, Swedish-based founder of open-source based PKI and signing software, EJBCA and SignServer.[17]
By 2023, Keyfactor had become a leading expert in addressing challenges in the control of PKI and machine identities at scale.[18] They announced in February 2024 that the company had surpassed $100 million in annual recurring revenue (ARR) for the first time.[19]
With an increased focus in the industry on post-quantum cybersecurity, Keyfactor acquired Infosec Global from Merlin Ventures in May 2025.[20] The deal was thought to be worth hundreds of millions, according to technology publication CTech.[21] They also acquired CipherInsights , a passive network listener capable of identifying cryptographic risk factors in real-time, around the same period.[22] In January 2026, Keyfactor announced a senior addition to its staff, with Michael Volanoski joining in a dual role as its president and chief revenue officer.[23]
Applications
Keyfactor, through acquisition and diversification, has become a full-stack trust infrastructure platform since its inception in 2001. Many of its services relate to enterprise-level cybersecurity threats and protection. This includes spotting and protecting enterprises from vulnerabilities with digital certificates and public key infrastructure.[24]
EJBCA is an open-source and enterprise public key infrastructure (PKI) software platform originally developed by PrimeKey, now part of Keyfactor. It is used to issue and manage digital certificates for things like IoT devices, enterprise users, servers, and secure communications. It supports large-scale, high-assurance environments and is known for flexibility, automation, and standards compliance. In short, it is the foundation of certificate management behind many secure systems.[25]
Signum
Keyfactor Signum is an enterprise code signing platform that centralizes and secures signing operations through policy-based access controls. Lightweight client agents for Windows, Linux, and macOS integrate with native signing tools like Microsoft SignTool via CSP/KSP and PKCS#11, allowing developers to sign without changing their existing toolchains. Private keys are stored on an HSM and never leave its boundary, ensuring signing certificates remain protected even when surfaced to authenticated users and machines.[26]
SignServer
SignServer is a server-based digital signing software platform, originally developed by PrimeKey. It leverages the Bouncy Castle cryptographic library for its core signing operations, enabling high-performance, centralized signing across use cases like document signing, code signing, timestamping, and e-passports. It supports hardware security modules (HSMs) for secure key storage and is built for scalable, automated environments. Certificates issued by a PKI platform such as EJBCA can be deployed to SignServer, where they are used to sign artifacts at high volume and speed.[27]
Keyfactor AgileSec
Keyfactor AgileSec, originally developed by InfoSec Global and now a part of Keyfactor, helps organizations inventory and assess cryptographic assets across an organizationâs entire IT ecosystem. This is especially important for post-quantum cryptography readiness and helps enterprises understand where and how encryption is used, and whether it meets current and future security standards.[21]