This article provides a consolidated feature-by-feature comparison of Cogito Jellyfish, MyID, Venafi, Keyfactor with EJBCA, and AppViewX. It brings together certificate lifecycle management, identity, key management, token management, access control, integrations, infrastructure compatibility, reporting, supportability and related capabilities in one reference article.

1. Certificate Management

This comparison examines core certificate lifecycle management capabilities, including certificate discovery, issuance, renewal, expiry notifications, policy enforcement, approval workflows and integrations with external certificate services and cloud key vaults.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Support for Domain violation reporting

?

Multiple SAN support in user certificates

Replacement for soft certificate issuing interfaces w/o additional licensing

Manage soft & smartcard certs incl. relationships

?

Complex Boolean certificate search

?

Certificate Expiry Notifications

Certificate Discovery

Automated Certificate Renewal

Certificate Polling

External Certificate Management (e.g. DigiCert, Let's Encrypt)

Complex certificate policy management (CSR rules)

Certificate request approval workflows

Kubernetes Certificate Management

ACM Certificate Management

Azure KeyVault Certificate Management

Certificate Approval Workflows

User Configurable Certificate Expiries

2. CMDB Features

This table compares configuration management database capabilities, including asset tracking, ownership relationships, certificate associations and the ability to search across certificate, user and device records.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Full CMDB capability

?

?

Tracking and maintenance of asset details

?

?

Maintain association between device, owner, user, location, and certificates

?

?

User and device centric management

?

?

Link between CMDB and CLM

Search for certificates based on any field available to the CMDB

Search for device or user based on any field available in the certificate

?

?

3. Access Control

This comparison covers logical and physical access control capabilities, including credential searches, workflow customisation, security-zone management and the exchange of information between building access and ICT systems.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Search for credentials

Transfer information between building and ICT systems (LAC to PAC joiner)

Workflow customisation

Control Physical security zones via AD groups

?

?

?

Log/lock/deny access based on location mismatch

Visualisation of user/zones/computers activity

4. Configuration Management

This table compares each platform’s ability to register assets, maintain asset information and establish relationships between devices, owners, users, locations and certificates.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Asset Registration

?

?

Tracking and maintenance of asset details

?

?

Maintain association between device, owner, user, location, and certificates

?

?

5. Customisation

This comparison examines platform customisation options, including corporate branding, configurable registration details and the ability to adapt workflows to organisational requirements.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

White Label / Corporate colours and logo

?

?

Registration detail customisation

Workflow customisation

6. Data Synchronisation

This table compares data synchronisation and provisioning capabilities, including configurable create, read, update and delete operations, directory changes, application-to-application synchronisation and support for HR-driven workflows.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Ability to replace other data sync tools

?

?

?

Broad and customisable support for CRUD activities

Replacement for other registration and provisioning tools

?

?

Affect directory changes such as the addition of OUs

?

Synchronise changes in one application to another

?

HR workflow support

?

?

7. Directory Integration

This comparison covers integration with directory technologies such as Active Directory and LDAP, as well as support for directory migration, role changes and certificate or access updates associated with user movement.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Multiple Directory Support (AD, LDAP, etc.)

Ability to change from one directory product to another

?

?

Support for change in position or role (affecting certificate/card access)

Ability to replace LDAP or Corporate Directory

8. Infrastructure Compatibility

This table compares infrastructure support across databases, operating systems, hardware security modules and multi-tenant or multi-organisation deployment models.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Supports SQL Database for Data Storage

Supports Windows Server 2012/2012r2/2016/2019/Linux

HSM Support

HSM Key Management Support

YubiHSM2 Support

?

?

nCipher Support

Thales/SafeNet Support

Utimaco Support

True multi-tenant / multi-organisation architecture (shared or isolated)

?

?

?

9. Identity Management

This comparison examines identity management capabilities, including account provisioning and deprovisioning, application and device management, identity-provider functionality and relationships between users, devices and services.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Account provisioning and deprovisioning

?

?

Account provisioning and deprovisioning from mobile app

Application provisioning and management

?

?

Device management

?

Bulk device creation / updates

?

?

Can act as an Identity Provider and Service Provider

Relationship building between Identities such as Devices, Services and Users.

10. Key Management

This table compares cryptographic key management capabilities across hardware security modules and cloud services, including key generation, monitoring, wrapping, post-quantum cryptography and hold-your-own-key models.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Management of keys in hardware including HSMs

Monitor health of HSMs

?

Boolean search capability

?

Generate keys in HSM, browser, server

?

?

PQC key creation and management

?

Key creation/wrapping for AWS KMS

Key creation/wrapping for Azure KeyVault

Key creation/wrapping for Google CSE

?

?

Key creation/wrapping for Salesforce

?

?

Hold Your Own Key (HYOK) support for cloud/SaaS encryption (e.g. O365)

11. Mobile Device Management Integration

This comparison examines each platform’s ability to manage certificates for mobile devices and integrate with mobile device management solutions such as Microsoft Intune, MobileIron and VMware AirWatch.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Manage certificates for mobile devices

Direct interface with MobileIron, AirWatch, Intune

?

Support for MobileIron, AirWatch, Intune

?

12. Monitoring

This table compares monitoring capabilities for hardware and supporting services, including health monitoring, issue investigation and integration with security information and event management systems.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Monitor health of hardware and services (HSMs, servers)

?

Drill into the issue within the interface

SIEM interface and reporting

?

13. Notifications

This comparison covers the notification channels and configurations available across the platforms, including email, group notifications, SMS and integrations with operational alerting applications.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Email Notifications

Custom/group email notifications

?

SMS Notifications

?

?

Application notification support (e.g., PagerDuty)

14. Physical Access Control Systems

This table compares capabilities for integrating with physical access control systems, including provisioning and deprovisioning, event-based automation, monitoring, plugin support and physical credential technologies.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Provisioning and Deprovisioning into PACs

PACs activity triggering events in other systems

?

Support for PACs monitoring and triggering of events in disparate systems

?

Plugin API for PACs

?

MIFARE DESFire EV1 Support

Detailed Diagnostic/Trace Logging

?

?

?

15. Reporting

This comparison examines reporting capabilities across certificates, identity and access management, network discovery, usage, physical access, auditing and custom reporting requirements.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Advanced certificate reporting including graphs

?

Domain whitelisting and reporting of out-of-scope certificates

IdAM reporting

?

Invoice reporting

?

?

?

Network scan reporting

Usage reporting

PACs reporting

Audit reporting

Custom Reporting

?

?

16. Self-Service

This table compares self-service capabilities for access requests, application provisioning, workflow approvals and password reset or synchronisation.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Replace network access request solutions

?

User self-service for app/access provisioning

?

?

Workflows for app/access requests (single/multi-stage)

Self-service password reset (non-smartcard apps)

?

Password sync on reset (multi-apps)

?

?

17. Support and Operational Monitoring

This comparison covers operational support capabilities, including audit logging, ticket management, systems monitoring, endpoint protection monitoring and SIEM integration.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Audit Logging and Reporting

Support ticketing

?

?

?

Support for Systems monitoring

?

Support for Endpoint protection monitoring

?

System Incident Event Monitoring (SIEM) integration

18. Single Sign-On Support

This table compares support for common single sign-on and authentication protocols, including LDAP, Kerberos, OpenID Connect, SAML and certificate-based authentication.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Supports LDAP based authentication for SSO

Supports Kerberos based authentication for SSO

?

Supports OpenID Connect based authentication for SSO

Supports SAML based authentication for SSO

?

Supports Certificate based authentication for SSO

19. Signing Features

This comparison examines digital signing capabilities, including hardware-backed artefact signing, key generation, approval notifications, batch processing and the recording of signing activity.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Artefact Signing in HSM

✅ Integrated code-signing using HSM

? Not specifically documented

✅ HSM-based code signing supported

✅ Key signing via EJBCA

❌ Not supported

New key per signing in HSM

✅ Dedicated keys per artifact supported

❌ Not applicable

✅ Configurable per signing flow

? Policy-based support

Notification to Sign

✅ Approval notifications supported

✅ Notifications for smartcard issuance

✅ Approval step notifications

? Workflow automation possible

Push Notification of Signing

? Push alerts via mobile app (configurable)

❌ Not supported

? Webhook-style alerts

Perform Batch Signing

✅ Batch signing via API/UI supported

✅ Batch signing supported

Signing Location recorded

✅ Location audit logged

✅ Logs smartcard ops

✅ Logs signing user/workstation

? Backend host logs

20. Supportability

This table compares vendor and product supportability considerations, including upgrade assistance, local support, security-cleared personnel, jurisdiction, government use, ticketing and relevant security certifications.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Ability to upgrade product between versions without requiring paid vendor assistance

?

?

?

?

Local vendor support including key development staff located in Australia

?

Local vendor support including development staff located in New Zealand

?

All development staff are security cleared Australian or New Zealand citizens

EULA jurisdiction based in Australia

?

In service with International Governments and Enterprise customers

?

?

?

In service to protect and manage All of Government PKI solution

?

Built in Ticket submission system

?

?

Certificate Authority is Common Criteria certified and NIAP listed

?

?

?

?

Vendor's ISMS certified to ISO/IEC 27001:2022

?

?

?

21. Token Management

This comparison covers the management of passwords, one-time passwords, smartcards, FIDO authenticators, YubiKeys, virtual smartcards and other hardware tokens throughout their lifecycle.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Password Management

?

One Time Password Management

Smart card Management

?

FIDO Management

Yubikey Management

?

?

Yubikey5

YubiHSM

?

Virtual Smart card Management

?

Batch Issuance

?

Hard Token Update Propagation

Tested and in service managing 100K+ Tokens

?

Remote Cancellation of Tokens

?

Extensive PIN Policies

?

Card Printing

?

Supports Fargo HDP5000 Printers

PIV Support – hardware

Support for custom business processes as part of support costs

?

?

Custom Applet injection

?

ECC Support

RSA Support

Token Stock Management

Key Archive/Recovery

Detailed Diagnostic/Trace Logging

?

?

?

22. Tools and Utilities

This table compares the supporting tools available for certificate discovery, code and document signing, certificate request decoding, SCEP workflows, signature validation and data encryption.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Certificate Discovery Tool

?

Code Signing Tool

?

Certificate Signing Tool

Certificate Signing Request Decode Tool

?

?

SCEP Support

SCEP with approval workflows

?

?

?

PDF Signing and Verification

?

?

?

Data Signing and Signature Validation

Data encryption/Decryption

23. Visitor Management

This comparison examines visitor management capabilities, including mobile device support, host notifications, image and evidence-of-identity capture, visit-history reporting and integration with identity or physical access systems.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

iOS Support

?

Android Support

?

Host Notifications

?

?

Image Capture

?

EOI Capture

Visit History Report

?

?

VMS record to Entra/PACS entry

24. Vulnerability Protection

This table compares selected security and vulnerability protection capabilities, including endpoint monitoring, firewall and proxy monitoring, and automated penetration testing.

Feature

Jellyfish

MyID

Venafi

Keyfactor + EJBCA

AppViewX

Endpoint Protection Monitoring

?

?

?

Support for monitoring of firewalls and proxy devices

?

?

?

Automated penetration testing

?