whiterabbitsecurity.com

What It Is

WhiteRabbit Security is a cybersecurity vendor based in Germany, with a core focus on cryptographic key management and customized PKI. Its website clearly states that it is the maintainer and developer of OpenXPKI. The company provides enterprise-grade certificate infrastructure solutions ranging from consulting and architecture design to implementation and operations, covering Enterprise PKI, IoT PKI, and Embedded PKI.

Core Capabilities

In terms of protection scope, it mainly addresses digital identity, certificate lifecycle management, and device authentication. Enterprise PKI supports self-service certificate requests through a web interface, configurable approval workflows, certificate metadata management, and automated issuance via SCEP, EST, and ACME. It is suitable for complex environments involving servers, network devices, mobile devices, containers, virtual machines, and more. IoT PKI emphasizes initial certificates during manufacturing, automated certificate renewal during operation, and rule-based validation, supporting deployments from hundreds to millions of devices. Embedded PKI can be integrated directly into products, providing automated certificate enrollment, renewal, and CA Rollover for long-lifecycle devices.

Deployment, Management, and Integration

Deployment options appear fairly flexible. The site mentions internal enterprise PKI, Docker subscription-based deployment, Offline Root CA, OCSP Responder, certificate proxies, and embedded PKI. On the management side, it provides lifecycle monitoring, certificate expiration alerts, and configurable upgrade mechanisms. Notifications can be sent via email, ticketing systems, or monitoring interfaces. For integration, it supports Kubernetes, cert-manager, VMware, CMDBs, asset databases, production lines, and external Root CAs, indicating a relatively high level of standardization.

Pricing and Compliance

Pricing information is limited. The only visible reference is “PKI im Docker als Abo,” indicating that a Docker-based subscription plan exists. The company also offers consulting, implementation, system integration, and custom development. Specific pricing, trial policies, SLAs, compliance certifications, and support tiers are not disclosed, so buyers should confirm budget, delivery scope, and operational responsibilities during the initial discussion.

Pros, Cons, and Best Fit

Its strengths are deep specialization, open protocol support, and strong automation capabilities. It also covers serious PKI topics such as Offline Root CA, CA Rollover, HSM usage, and post-quantum migration. The downside is that the product is clearly engineering- and project-oriented, so teams without PKI expertise may face a relatively steep learning curve. Public materials also lack details on pricing, certifications, and localized support. It is best suited for mid-sized to large enterprises, industrial/connected vehicle/IoT vendors, device companies that need to embed PKI into their products, and organizations with complex private cloud or virtualization environments.

Access from China

The site does not provide information about network accessibility from China, RMB payments, invoicing, or Chinese-language support, so china_access can only be rated as unknown. Chinese users with local compliance, Chinese cryptographic algorithm, classified protection, or data residency requirements should carefully verify the deployment model, supported cryptographic algorithms, and service response arrangements. Alternatives to evaluate include EJBCA, HashiCorp Vault PKI, Smallstep, Venafi, Keyfactor, as well as local CA and cryptographic service providers such as CFCA and 天威诚信.