XELANED
DE|EN
Get in touch

Workshops

Your benefits — decades of experience

Concrete improvements for security, availability and auditability — without unnecessary complexity. We focus on practical measures, clear responsibilities and a target operating model that stands up in day-to-day operations.

Less risk

Reduced outages caused by expiring certificates, misconfigurations and a lack of inventory transparency.

More automation

Standardized rollouts and renewals across platforms — fewer tickets, fewer manual interventions.

Better audit readiness

Policies, roles, logging and evidence that support regulatory requirements (e.g., KRITIS, NIS2, DORA or TISAX).

Operationally stable certificate operations

Clearly defined responsibilities, lifecycle processes and monitoring enable operations that remain manageable and predictable even in large environments.

Future readiness

Sound cryptographic strategies, traceable policies and migration-ready platforms provide the foundation for long-term evolution.

Your workshop — practical and hands-on

The goal of the workshop is to document your current infrastructure in a structured way and identify opportunities to improve security and mitigate relevant attack vectors through the use of certificates. Based on the existing environment, operating models (on-premises, SaaS, cloud) and established PKI solutions on the market are presented and assessed.

Scope

  • Current state
    Collection of the relevant technical and organizational information.
  • Attack vectors
    Derivation of protection and hardening measures using certificates (mTLS, signing, device identity, email security).
  • Technology approaches
    Comparison of on-premises, SaaS and cloud approaches (including hyperscaler options).
  • Market overview
    Assessment of selected PKI solutions in terms of capabilities, limitations and cost.
PKI & CLMZero‑Trust / mTLSGovernanceRoadmap

Contents

  • Current-state assessment
    Organizational data, networks & interfaces (internal/external), IAM, mobile devices, email/documents/scripts, remote access & VPN.
  • Requirements
    Definition of technical and organizational requirements for a future PKI/CLM solution, including compliance and operational processes.
  • Use case catalog
    Review of core use cases to increase and optimize security (e.g., mTLS, code signing, OT/IoT, S/MIME).
  • Technology comparison
    Comparison of cloud, SaaS and on-premises options in terms of operations, integration, key custody (HSM) and auditability.
  • Solution assessment
    Overview of PKI solutions including feature scope, limitations and cost — aligned to the current infrastructure and target use cases.
  • Recommendation
    Development of a recommendation including target architecture, prioritization, a high-level roadmap and next steps.

Results — what you can expect

  • a prioritized use case catalog
    Current state, target architecture, risks and dependencies
  • a policy set
    e.g., validity periods, algorithms, namespaces and SAN rules
  • an integration map
    CAs, platforms, systems, interfaces
  • a rollout approach per platform
    including protocols such as ACME, EST, SCEP, CMP and operational processes
  • as well as requirements for HSM, audit and operations
    HA/DR, backup, roles, monitoring and logging
Use‑CasesPoliciesIntegrationsRolloutHSM/Audit

Stakeholders & required information (preparation)

Participants (typical)

Security/PKI, IT operations, network, IAM, endpoint/MDM, cloud/platform, compliance/audit, and relevant application owners.

Inputs

Existing CAs (public/private), certificate inventory (if available), integration points (LB/WAF, K8s, VPN), operational/security requirements, RTO/RPO, HSM requirements.

Assessed solution landscape (selection)

The workshop includes a vendor-neutral assessment of selected solutions, including Entrust, Keyfactor/PrimeKey, Nexus, Microsoft, MTG, HashiCorp and Venafi. The final selection depends on use cases, integrations, governance requirements and budget constraints.
EntrustKeyfactor / PrimeKeyNexusMicrosoftMTGHashiCorpVenafi

What would you like to do next?

XELANED specialists are available to support your next steps at any time. Together, we prioritize topics, clarify dependencies and choose an approach that fits your environment both technically and organizationally.

Configure workshop contents to fit your needs

Assemble the desired contents modularly and individually — including a live time estimate. You can then request a quote directly.
Book workshop