M&T Bank Achieves Full Certificate Visibility with Cloud-Based PKI

The Challenge

M&T Bank’s previous manual PKI environment struggled to stay on top of rapid growth in devices and certificates. Manual request, renewal, and revocation processes created operational bottlenecks and visibility gaps. Developers and system administrators often relied on self-signed or wildcard certificates, causing security and scalability issues.

As we developed certificate lifecycle management systems internally, we found out that it was much more efficient to do it in the cloud. When it was time to switch to cloud based PKI, we went with Keyfactor because of the ease of transition over to cloud hosted products.”

The Solution

Centralized Certificate Visibility and Automation

M&T Bank selected Keyfactor Command to provide enterprise-wide certificate discovery, inventory, and lifecycle automation. The platform integrates with Microsoft CAs, public certificate authorities, and network environments to deliver continuous visibility. APIs and self-service workflows enable developers and administrators to provision certificates quickly and securely.

We cannot manage what we cannot see, and Keyfactor gave us that visibility. Keyfactor has allowed us to scale massively and keep everything in view. Keyfactor is a critical component in our security infrastructure.”

Keyfactor Command scaled alongside M&T Bank as certificate volume increased more than one hundredfold.

Business Impact

With Keyfactor Command, M&T Bank eliminated certificate blind spots and gained real-time insight into hundreds of thousands of certificates. Network discovery and inventory capabilities identified unknown certificates and reduced reliance on insecure self-signed credentials. Automated workflows streamlined certificate issuance and renewal, improving security outcomes while increasing developer efficiency.