Uncover blind spots, reduce risk, and build resilience  Read The CISO’s Guide to Cryptographic Risk

  • Home
  • Blog
  • Product
  • What’s New in Keyfactor Command 25.3: Flexibility, Control, and Clarity

What’s New in Keyfactor Command 25.3: Flexibility, Control, and Clarity

Product

The 25.3 update for Keyfactor Command is designed to offer you more control, actionable information at your fingertips, and enhanced post-quantum readiness.

This release introduces:

  • Fully customizable dashboards tailored to your role (and your priorities)
  • Smarter workflows with bulk ownership updates and enrollment flexibility
  • More flexible alert scheduling to run on the timelines your team prefers
  • More Post-Quantum Cryptography (PQC) with added support for SLH-DSA and hybird certificates using SLH-DSA

All in all, Command 25.3 brings faster, security-trimmed insights, better collaboration, and more convenient workflows at scale.

Key Highlights in Command 25.3

Managing digital certificates at enterprise scale is about more than automation — it’s about clarity, customization, and crypto-agility. Get these three things right and cryptographic management will be smooth and seamless for years to come.

We hear about many teams that still rely on static dashboards, rigid workflows, and one-size-fits-all alerts. But users who need to click around to find information relevant to their role experience friction, slowing down response times and leaving critical insights buried in the noise.

Keyfactor Command 25.3 introduces new enhancements that help teams tackle these challenges head-on. With this release, users can personalize their experience with a variety of customizable widgets, streamline certificate ownership and renewal processes, and fine-tune expiration alerts so that they match their team’s operational priorities. And (bonus!) Command 25.3 introduces further support for quantum-ready certificate management, something to be expected from future releases as well.

Here’s a deeper dive into these new capabilities and what they mean for you.

Smarter Dashboards

What is it?
A fully widget-based dashboard lets you drag, drop, filter, tweak, and save the widgets that are most helpful for your role. Each user gets a personalized layout, with the option to toggle back to classic view – perfect for larger, security-focused teams.

Why it matters:
Gone are the days of one dashboard for all. Users can now highlight the metrics that matter most to them — from risky endpoints to collections with expiring certificates. Plus, you can adjust widgets however you like.

Key benefits:

  • Personalized dashboards for each user on your team
  • Threshold-based risk indicators that change color when criteria are met
  • Faster insights for SOC teams, PKI Ops, and leadership

Check out this quick demo of the new dashboard experience.

Bulk Certificate Ownership Changes

What is it?
Update certificate owners directly from your certificate inventory—in bulk. Just select all the certificates you want to change ownership for, search for the new owner, and one click later, you’ve re-assigned ownership of all those selected certificates. A simple, yet powerful feature.

Why it matters:
No more tedious, one-by-one updates. Admins can quickly reassign certificates during team transitions, role changes, or for incident response.

Key benefits:

  • Save time with bulk actions
  • Reduce errors in certificate management
  • Simplify PKI administration at scale

Flexible Expiration Alert Schedules

What is it?
Assign unique schedules to each expiration alert for asynchronous execution, rather than all alert notifications running on the same schedule.

Why it matters:
In previous versions of Command, all expiration alerts ran on the same cadence. Now, you can schedule your team’s highest-priority alerts so that they run immediately or on a shorter timeframe, while others run less frequently. The frequency is your choice.

Key benefits:

  • More responsive, use-case-driven alerting
  • Tailored cadence by team or urgency
  • Optimized performance and visibility

Post-Quantum & Hybrid Certificates

What is it?
Added support for hybrid certificates using the NIST-approved SLH-DSA algorithm, compatible with both classical and quantum-safe cryptography. This is in addition to existing support for ML-DSA.

Why it matters:
Hybrid certificates let you embrace post-quantum cryptography (PQC) without replacing existing infrastructure, ensuring uptime and crypto-agility as quantum standards evolve. It’s a great way to test out quantum resilience for your current certificate operations without any disruption.

Key benefits:

  • Issue, inventory, and enroll for hybrid and PQ certificates
  • Prepare for quantum-readiness without disruption
  • Maintain interoperability with today’s systems

Check out this demo of PQ certificate enrollment in Command.

Command 25.3 delivers on a central promise: giving teams more control, more customization, and more clarity in their certificate operations. From SOC analysts who need real-time visibility to PKI admins who want fewer manual tasks, this release is built to meet customers’ teams where they are today, while helping them prepare for what’s next.

Want to learn more? Check out the Command 25.3 release notes or request a demo of Keyfactor Command today.