This article provides a consolidated feature-by-feature comparison of Cogito Jellyfish, MyID, Venafi, Keyfactor with EJBCA, and AppViewX. It brings together certificate lifecycle management, identity, key management, token management, access control, integrations, infrastructure compatibility, reporting, supportability and related capabilities in one reference article.
1. Certificate Management
This comparison examines core certificate lifecycle management capabilities, including certificate discovery, issuance, renewal, expiry notifications, policy enforcement, approval workflows and integrations with external certificate services and cloud key vaults.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Support for Domain violation reporting | ✅ | ❌ | ? | ❌ | ❌ |
Multiple SAN support in user certificates | ✅ | ✅ | ✅ | ✅ | ✅ |
Replacement for soft certificate issuing interfaces w/o additional licensing | ✅ | ❌ | ❌ | ✅ | ✅ |
Manage soft & smartcard certs incl. relationships | ✅ | ✅ | ? | ✅ | ❌ |
Complex Boolean certificate search | ✅ | ❌ | ✅ | ✅ | ? |
Certificate Expiry Notifications | ✅ | ✅ | ✅ | ✅ | ✅ |
Certificate Discovery | ✅ | ❌ | ✅ | ✅ | ✅ |
Automated Certificate Renewal | ✅ | ✅ | ✅ | ✅ | ✅ |
Certificate Polling | ✅ | ❌ | ✅ | ✅ | ✅ |
External Certificate Management (e.g. DigiCert, Let's Encrypt) | ✅ | ❌ | ✅ | ✅ | ✅ |
Complex certificate policy management (CSR rules) | ✅ | ✅ | ✅ | ✅ | ✅ |
Certificate request approval workflows | ✅ | ✅ | ✅ | ✅ | ✅ |
Kubernetes Certificate Management | ✅ | ❌ | ✅ | ✅ | ✅ |
ACM Certificate Management | ✅ | ❌ | ✅ | ✅ | ✅ |
Azure KeyVault Certificate Management | ✅ | ❌ | ✅ | ✅ | ✅ |
Certificate Approval Workflows | ✅ | ✅ | ✅ | ✅ | ✅ |
User Configurable Certificate Expiries | ✅ | ✅ | ✅ | ✅ | ✅ |
2. CMDB Features
This table compares configuration management database capabilities, including asset tracking, ownership relationships, certificate associations and the ability to search across certificate, user and device records.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Full CMDB capability | ✅ | ❌ | ❌ | ? | ? |
Tracking and maintenance of asset details | ✅ | ✅ | ? | ✅ | ? |
Maintain association between device, owner, user, location, and certificates | ✅ | ✅ | ? | ✅ | ? |
User and device centric management | ✅ | ✅ | ? | ✅ | ? |
Link between CMDB and CLM | ✅ | ❌ | ✅ | ✅ | ✅ |
Search for certificates based on any field available to the CMDB | ✅ | ❌ | ✅ | ✅ | ✅ |
Search for device or user based on any field available in the certificate | ✅ | ✅ | ? | ✅ | ? |
3. Access Control
This comparison covers logical and physical access control capabilities, including credential searches, workflow customisation, security-zone management and the exchange of information between building access and ICT systems.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Search for credentials | ✅ | ✅ | ✅ | ✅ | ✅ |
Transfer information between building and ICT systems (LAC to PAC joiner) | ✅ | ❌ | ❌ | ❌ | ❌ |
Workflow customisation | ✅ | ✅ | ✅ | ✅ | ✅ |
Control Physical security zones via AD groups | ✅ | ? | ? | ? | ❌ |
Log/lock/deny access based on location mismatch | ✅ | ❌ | ❌ | ❌ | ❌ |
Visualisation of user/zones/computers activity | ✅ | ❌ | ❌ | ❌ | ❌ |
4. Configuration Management
This table compares each platform’s ability to register assets, maintain asset information and establish relationships between devices, owners, users, locations and certificates.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Asset Registration | ✅ | ✅ | ? | ✅ | ? |
Tracking and maintenance of asset details | ✅ | ✅ | ? | ✅ | ? |
Maintain association between device, owner, user, location, and certificates | ✅ | ✅ | ? | ✅ | ? |
5. Customisation
This comparison examines platform customisation options, including corporate branding, configurable registration details and the ability to adapt workflows to organisational requirements.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
White Label / Corporate colours and logo | ✅ | ✅ | ? | ? | ✅ |
Registration detail customisation | ✅ | ✅ | ✅ | ✅ | ✅ |
Workflow customisation | ✅ | ✅ | ✅ | ✅ | ✅ |
6. Data Synchronisation
This table compares data synchronisation and provisioning capabilities, including configurable create, read, update and delete operations, directory changes, application-to-application synchronisation and support for HR-driven workflows.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Ability to replace other data sync tools | ✅ | ✅ | ? | ? | ? |
Broad and customisable support for CRUD activities | ✅ | ✅ | ✅ | ✅ | ✅ |
Replacement for other registration and provisioning tools | ✅ | ✅ | ❌ | ? | ? |
Affect directory changes such as the addition of OUs | ✅ | ✅ | ❌ | ? | ❌ |
Synchronise changes in one application to another | ✅ | ✅ | ? | ✅ | ✅ |
HR workflow support | ✅ | ✅ | ❌ | ? | ? |
7. Directory Integration
This comparison covers integration with directory technologies such as Active Directory and LDAP, as well as support for directory migration, role changes and certificate or access updates associated with user movement.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Multiple Directory Support (AD, LDAP, etc.) | ✅ | ✅ | ✅ | ✅ | ✅ |
Ability to change from one directory product to another | ✅ | ✅ | ? | ✅ | ? |
Support for change in position or role (affecting certificate/card access) | ✅ | ✅ | ✅ | ✅ | ✅ |
Ability to replace LDAP or Corporate Directory | ✅ | ❌ | ❌ | ❌ | ❌ |
8. Infrastructure Compatibility
This table compares infrastructure support across databases, operating systems, hardware security modules and multi-tenant or multi-organisation deployment models.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Supports SQL Database for Data Storage | ✅ | ✅ | ✅ | ✅ | ✅ |
Supports Windows Server 2012/2012r2/2016/2019/Linux | ✅ | ✅ | ✅ | ✅ | ✅ |
HSM Support | ✅ | ✅ | ✅ | ✅ | ✅ |
HSM Key Management Support | ✅ | ✅ | ✅ | ✅ | ✅ |
YubiHSM2 Support | ✅ | ? | ? | ✅ | ❌ |
nCipher Support | ✅ | ✅ | ✅ | ✅ | ✅ |
Thales/SafeNet Support | ✅ | ✅ | ✅ | ✅ | ✅ |
Utimaco Support | ✅ | ✅ | ✅ | ✅ | ✅ |
True multi-tenant / multi-organisation architecture (shared or isolated) | ✅ | ? | ? | ? | ✅ |
9. Identity Management
This comparison examines identity management capabilities, including account provisioning and deprovisioning, application and device management, identity-provider functionality and relationships between users, devices and services.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Account provisioning and deprovisioning | ✅ | ✅ | ❌ | ? | ? |
Account provisioning and deprovisioning from mobile app | ✅ | ❌ | ❌ | ❌ | ❌ |
Application provisioning and management | ✅ | ✅ | ? | ? | ✅ |
Device management | ✅ | ✅ | ❌ | ? | ✅ |
Bulk device creation / updates | ✅ | ? | ❌ | ? | ✅ |
Can act as an Identity Provider and Service Provider | ✅ | ❌ | ✅ | ✅ | ✅ |
Relationship building between Identities such as Devices, Services and Users. | ✅ | ❌ | ❌ | ❌ | ❌ |
10. Key Management
This table compares cryptographic key management capabilities across hardware security modules and cloud services, including key generation, monitoring, wrapping, post-quantum cryptography and hold-your-own-key models.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Management of keys in hardware including HSMs | ✅ | ✅ | ✅ | ✅ | ✅ |
Monitor health of HSMs | ✅ | ? | ✅ | ✅ | ✅ |
Boolean search capability | ✅ | ❌ | ✅ | ✅ | ? |
Generate keys in HSM, browser, server | ✅ | ✅ | ? | ✅ | ? |
PQC key creation and management | ✅ | ❌ | ? | ✅ | ✅ |
Key creation/wrapping for AWS KMS | ✅ | ❌ | ✅ | ✅ | ✅ |
Key creation/wrapping for Azure KeyVault | ✅ | ❌ | ✅ | ✅ | ✅ |
Key creation/wrapping for Google CSE | ✅ | ❌ | ? | ? | ❌ |
Key creation/wrapping for Salesforce | ✅ | ❌ | ❌ | ? | ? |
Hold Your Own Key (HYOK) support for cloud/SaaS encryption (e.g. O365) | ✅ | ❌ | ❌ | ❌ | ❌ |
11. Mobile Device Management Integration
This comparison examines each platform’s ability to manage certificates for mobile devices and integrate with mobile device management solutions such as Microsoft Intune, MobileIron and VMware AirWatch.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Manage certificates for mobile devices | ✅ | ✅ | ✅ | ✅ | ✅ |
Direct interface with MobileIron, AirWatch, Intune | ✅ | ? | ✅ | ✅ | ✅ |
Support for MobileIron, AirWatch, Intune | ✅ | ? | ✅ | ✅ | ✅ |
12. Monitoring
This table compares monitoring capabilities for hardware and supporting services, including health monitoring, issue investigation and integration with security information and event management systems.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Monitor health of hardware and services (HSMs, servers) | ✅ | ? | ✅ | ✅ | ✅ |
Drill into the issue within the interface | ✅ | ❌ | ✅ | ✅ | ✅ |
SIEM interface and reporting | ✅ | ? | ✅ | ✅ | ✅ |
13. Notifications
This comparison covers the notification channels and configurations available across the platforms, including email, group notifications, SMS and integrations with operational alerting applications.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Email Notifications | ✅ | ✅ | ✅ | ✅ | ✅ |
Custom/group email notifications | ✅ | ? | ✅ | ✅ | ✅ |
SMS Notifications | ✅ | ❌ | ? | ? | ✅ |
Application notification support (e.g., PagerDuty) | ✅ | ❌ | ✅ | ✅ | ✅ |
14. Physical Access Control Systems
This table compares capabilities for integrating with physical access control systems, including provisioning and deprovisioning, event-based automation, monitoring, plugin support and physical credential technologies.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Provisioning and Deprovisioning into PACs | ✅ | ✅ | ❌ | ❌ | ❌ |
PACs activity triggering events in other systems | ✅ | ? | ❌ | ❌ | ❌ |
Support for PACs monitoring and triggering of events in disparate systems | ✅ | ? | ❌ | ❌ | ❌ |
Plugin API for PACs | ✅ | ? | ❌ | ❌ | ❌ |
MIFARE DESFire EV1 Support | ✅ | ✅ | ❌ | ❌ | ❌ |
Detailed Diagnostic/Trace Logging | ✅ | ✅ | ? | ? | ? |
15. Reporting
This comparison examines reporting capabilities across certificates, identity and access management, network discovery, usage, physical access, auditing and custom reporting requirements.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Advanced certificate reporting including graphs | ✅ | ? | ✅ | ✅ | ✅ |
Domain whitelisting and reporting of out-of-scope certificates | ✅ | ❌ | ✅ | ✅ | ✅ |
IdAM reporting | ✅ | ✅ | ❌ | ? | ❌ |
Invoice reporting | ✅ | ✅ | ? | ? | ? |
Network scan reporting | ✅ | ❌ | ✅ | ✅ | ✅ |
Usage reporting | ✅ | ✅ | ✅ | ✅ | ✅ |
PACs reporting | ✅ | ✅ | ❌ | ❌ | ❌ |
Audit reporting | ✅ | ✅ | ✅ | ✅ | ✅ |
Custom Reporting | ✅ | ? | ? | ✅ | ✅ |
16. Self-Service
This table compares self-service capabilities for access requests, application provisioning, workflow approvals and password reset or synchronisation.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Replace network access request solutions | ✅ | ✅ | ❌ | ? | ✅ |
User self-service for app/access provisioning | ✅ | ✅ | ? | ? | ✅ |
Workflows for app/access requests (single/multi-stage) | ✅ | ✅ | ✅ | ✅ | ✅ |
Self-service password reset (non-smartcard apps) | ✅ | ✅ | ✅ | ? | ❌ |
Password sync on reset (multi-apps) | ✅ | ? | ❌ | ? | ❌ |
17. Support and Operational Monitoring
This comparison covers operational support capabilities, including audit logging, ticket management, systems monitoring, endpoint protection monitoring and SIEM integration.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Audit Logging and Reporting | ✅ | ✅ | ✅ | ✅ | ✅ |
Support ticketing | ✅ | ? | ? | ? | ✅ |
Support for Systems monitoring | ✅ | ? | ✅ | ✅ | ✅ |
Support for Endpoint protection monitoring | ✅ | ❌ | ? | ❌ | ❌ |
System Incident Event Monitoring (SIEM) integration | ✅ | ✅ | ✅ | ✅ | ✅ |
18. Single Sign-On Support
This table compares support for common single sign-on and authentication protocols, including LDAP, Kerberos, OpenID Connect, SAML and certificate-based authentication.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Supports LDAP based authentication for SSO | ✅ | ✅ | ✅ | ✅ | ✅ |
Supports Kerberos based authentication for SSO | ✅ | ❌ | ? | ✅ | ❌ |
Supports OpenID Connect based authentication for SSO | ✅ | ❌ | ✅ | ✅ | ✅ |
Supports SAML based authentication for SSO | ✅ | ? | ✅ | ✅ | ✅ |
Supports Certificate based authentication for SSO | ✅ | ✅ | ✅ | ✅ | ✅ |
19. Signing Features
This comparison examines digital signing capabilities, including hardware-backed artefact signing, key generation, approval notifications, batch processing and the recording of signing activity.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Artefact Signing in HSM | ✅ Integrated code-signing using HSM | ? Not specifically documented | ✅ HSM-based code signing supported | ✅ Key signing via EJBCA | ❌ Not supported |
New key per signing in HSM | ✅ Dedicated keys per artifact supported | ❌ Not applicable | ✅ Configurable per signing flow | ? Policy-based support | ❌ |
Notification to Sign | ✅ Approval notifications supported | ✅ Notifications for smartcard issuance | ✅ Approval step notifications | ? Workflow automation possible | ❌ |
Push Notification of Signing | ? Push alerts via mobile app (configurable) | ❌ Not supported | ? Webhook-style alerts | ❌ | ❌ |
Perform Batch Signing | ✅ Batch signing via API/UI supported | ❌ | ✅ Batch signing supported | ❌ | ❌ |
Signing Location recorded | ✅ Location audit logged | ✅ Logs smartcard ops | ✅ Logs signing user/workstation | ? Backend host logs | ❌ |
20. Supportability
This table compares vendor and product supportability considerations, including upgrade assistance, local support, security-cleared personnel, jurisdiction, government use, ticketing and relevant security certifications.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Ability to upgrade product between versions without requiring paid vendor assistance | ✅ | ? | ? | ? | ? |
Local vendor support including key development staff located in Australia | ✅ | ❌ | ❌ | ❌ | ? |
Local vendor support including development staff located in New Zealand | ✅ | ❌ | ❌ | ❌ | ? |
All development staff are security cleared Australian or New Zealand citizens | ✅ | ❌ | ❌ | ❌ | ❌ |
EULA jurisdiction based in Australia | ✅ | ? | ❌ | ❌ | ❌ |
In service with International Governments and Enterprise customers | ✅ | ? | ✅ | ? | ? |
In service to protect and manage All of Government PKI solution | ✅ | ❌ | ? | ❌ | ❌ |
Built in Ticket submission system | ✅ | ? | ✅ | ? | ✅ |
Certificate Authority is Common Criteria certified and NIAP listed | ✅ | ? | ? | ? | ? |
Vendor's ISMS certified to ISO/IEC 27001:2022 | ✅ | ? | ? | ? | ✅ |
21. Token Management
This comparison covers the management of passwords, one-time passwords, smartcards, FIDO authenticators, YubiKeys, virtual smartcards and other hardware tokens throughout their lifecycle.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Password Management | ✅ | ✅ | ❌ | ? | ❌ |
One Time Password Management | ✅ | ❌ | ❌ | ❌ | ❌ |
Smart card Management | ✅ | ✅ | ? | ❌ | ❌ |
FIDO Management | ✅ | ❌ | ❌ | ❌ | ✅ |
Yubikey Management | ✅ | ? | ? | ❌ | ❌ |
Yubikey5 | ✅ | ❌ | ❌ | ❌ | ❌ |
YubiHSM | ✅ | ❌ | ✅ | ✅ | ? |
Virtual Smart card Management | ✅ | ? | ❌ | ❌ | ❌ |
Batch Issuance | ✅ | ✅ | ❌ | ? | ❌ |
Hard Token Update Propagation | ✅ | ✅ | ❌ | ❌ | ❌ |
Tested and in service managing 100K+ Tokens | ✅ | ? | ❌ | ❌ | ❌ |
Remote Cancellation of Tokens | ✅ | ✅ | ❌ | ? | ❌ |
Extensive PIN Policies | ✅ | ✅ | ❌ | ? | ❌ |
Card Printing | ✅ | ? | ❌ | ❌ | ❌ |
Supports Fargo HDP5000 Printers | ✅ | ❌ | ❌ | ❌ | ❌ |
PIV Support – hardware | ✅ | ✅ | ❌ | ❌ | ❌ |
Support for custom business processes as part of support costs | ✅ | ? | ❌ | ❌ | ? |
Custom Applet injection | ✅ | ? | ❌ | ❌ | ❌ |
ECC Support | ✅ | ✅ | ✅ | ✅ | ✅ |
RSA Support | ✅ | ✅ | ✅ | ✅ | ✅ |
Token Stock Management | ✅ | ✅ | ❌ | ❌ | ❌ |
Key Archive/Recovery | ✅ | ✅ | ❌ | ✅ | ❌ |
Detailed Diagnostic/Trace Logging | ✅ | ✅ | ? | ? | ? |
22. Tools and Utilities
This table compares the supporting tools available for certificate discovery, code and document signing, certificate request decoding, SCEP workflows, signature validation and data encryption.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Certificate Discovery Tool | ✅ | ? | ✅ | ✅ | ✅ |
Code Signing Tool | ✅ | ✅ | ✅ | ? | ✅ |
Certificate Signing Tool | ✅ | ✅ | ✅ | ✅ | ✅ |
Certificate Signing Request Decode Tool | ✅ | ✅ | ? | ✅ | ? |
SCEP Support | ✅ | ✅ | ✅ | ✅ | ✅ |
SCEP with approval workflows | ✅ | ? | ❌ | ? | ? |
PDF Signing and Verification | ✅ | ✅ | ? | ? | ? |
Data Signing and Signature Validation | ✅ | ✅ | ✅ | ✅ | ✅ |
Data encryption/Decryption | ✅ | ✅ | ✅ | ✅ | ✅ |
23. Visitor Management
This comparison examines visitor management capabilities, including mobile device support, host notifications, image and evidence-of-identity capture, visit-history reporting and integration with identity or physical access systems.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
iOS Support | ✅ | ❌ | ❌ | ❌ | ? |
Android Support | ✅ | ❌ | ❌ | ❌ | ? |
Host Notifications | ✅ | ? | ❌ | ❌ | ? |
Image Capture | ✅ | ❌ | ❌ | ❌ | ? |
EOI Capture | ✅ | ❌ | ❌ | ❌ | ❌ |
Visit History Report | ✅ | ? | ❌ | ❌ | ? |
VMS record to Entra/PACS entry | ✅ | ❌ | ❌ | ❌ | ❌ |
24. Vulnerability Protection
This table compares selected security and vulnerability protection capabilities, including endpoint monitoring, firewall and proxy monitoring, and automated penetration testing.
Feature | Jellyfish | MyID | Venafi | Keyfactor + EJBCA | AppViewX |
Endpoint Protection Monitoring | ✅ | ❌ | ? | ? | ? |
Support for monitoring of firewalls and proxy devices | ✅ | ❌ | ? | ? | ? |
Automated penetration testing | ? | ❌ | ❌ | ❌ | ❌ |