Spring 2026 Product Release

AppViewX’s latest platform release is built around two realities reshaping enterprise PKI: the CA/B Forum’s 47-day public certificate renewal mandate and the shift to post-quantum cryptography. The new features and capabilities in the product will help enterprises automate their certificate lifecycle programs and modernize their PKI infrastructure while ensuring day-to-day operations across complex environments continue to work as expected.

Higher-frequency issuance, renewal, revocation, and repeated domain control validation expose operational weak points across existing PKI and certificate automation workflows, particularly at the last mile, where certificates are deployed and bound to applications. Manual processes that were sufficient when certificates renewed annually are likely to lead to certificate-based outages when that same certificate must be updated 8 times per year.

Most enterprises already have PKI in place. However, accelerated digital transformation and the rapid growth of IoT and connected devices are pushing legacy, on-premises systems such as Microsoft ADCS (Active Directory Certificate Services) beyond their limits. Managing these environments also introduces significant operational overhead and ongoing resource costs. As a result, organizations need a modern, scalable, cloud-based PKI that reduces operational burden while supporting both legacy and modern use cases across complex hybrid environments.

Spring 2026 Release Highlights

Our Spring 2026 release focuses on clearing the path to PKI modernization and achieving crypto agility. It strengthens the reliability of high-frequency operations, introduces PKI migration foundations for complex environments, and expands cryptographic visibility to support both PKI modernization and post-quantum cryptography (PQC) initiatives.

Together, these enhancements help teams move from stalled CLM initiatives and legacy Microsoft ADCS systems to measurable progress without forcing the rip-and-replace of existing tools.

Optimized PKI Deployment

Many enterprises rely on PKI environments that evolved over time, often anchored in Microsoft ADCS and shaped by years of customization. While these environments remain functional, modernizing can feel risky. Large-scale re-architecture, downtime concerns, and tightly coupled configurations can be intimidating and usually stall PKI initiatives before progress begins.

The new AVX PKI updates are designed to support phased, lower-risk transitions from legacy PKI environments like Microsoft ADCS. Rather than forcing disruptive cutovers, these foundations enable enterprises to modernize their PKI incrementally while maintaining uptime, security, and compliance.

This approach reflects the reality of enterprise PKI: modernization must occur alongside existing operations, not at the expense of them. By lowering architectural and operational barriers, AVX provides a practical starting point for organizations that need to move forward without putting the operations of the business at risk.

Key benefits

• Reduce PKI modernization risk and friction in legacy or highly customized environments.
• Lower resource overhead with a shift from on-premises to a cloud-native PKI solution.
• Establish a controlled, phased path toward modern PKI aligned to enterprise operating realities.

Expanded Agentless Discovery and PQC Visibility

Effective PKI modernization and PQC planning depend on visibility. Security teams need to understand where certificates and cryptographic algorithms are used today in order to plan for future changes.

As part of the Spring Release, we have enhanced our agentless discovery capabilities to improve insight into certificates and cipher usage across hybrid environments without requiring additional agents or infrastructure. These enhancements provide a clearer, auditable view of an organization’s cryptographic posture, helping teams identify gaps, prioritize remediation, and plan next steps for post-quantum readiness.

By improving visibility without adding operational overhead, the AVX platform helps teams strengthen cryptographic posture awareness while keeping environments lean and manageable.

Key benefits

• Expand discovery and insight without deploying additional agents or new infrastructure burden.
• Gain clear, auditable visibility into certificates and cipher usage across environments.
• Improve cryptographic posture assessment and planning for post-quantum cryptography readiness.

Resilient Last-Mile Automation

As certificate lifetimes shorten and the number of managed certificates grows due to the rise of machine identities and agentic AI, reliability at the last mile becomes critical. While issuance and renewal are often automated, deployment, binding, and validation remain the most failure-prone stages of the certificate lifecycle.

This release strengthens last-mile automation with enhanced resiliency improvements designed for high-frequency operations. Enhancements such as automated retries and reliability controls help ensure successful certificate deployment as renewal frequency increases.

By taking a proactive approach to automation monitoring and response, AVX CLM helps teams scale certificate lifecycle operations without reverting to manual intervention or risking outages under 47-day TLS requirements.

Key benefits

• Operationalize certificate lifecycle automation under a higher renewal frequency driven by the 47-day TLS mandate.
• Reduce deployment failures by ensuring a post-push validation.
• Maintain stability and reliability as issuance, renewal, and domain control validation (DCV) automation scales.

Policy Engine Enhancements

As certificate operations increase in frequency, speed and consistency become just as important as automation itself. Custom workflows and one-off configurations are often time-consuming to implement and even harder to maintain as environments scale, slowing time-to-value and increasing operational overhead.

The Policy Engine enhancements in AVX CLM expand coverage across additional certificate lifecycle scenarios, helping enterprises standardize common workflows, reduce reliance on custom automation, and improve consistency while lowering ongoing maintenance effort.

Key benefits

• Standardize repeatable certificate lifecycle workflows aligned to enterprise best practices.
• Generate new Private Keys on endpoints during certificate re-enrollment.
• Improve consistency, predictability, and governance across certificate operations.

Enabling Progress Without Disruption

Individually, each enhancement addresses a specific operational challenge. Taken together, they remove friction and enable enterprises to modernize PKI, scale certificate lifecycle automation, and improve cryptographic visibility and posture management without disrupting operations.

The Spring 2026 Release is now available. Find full release notes and resources on the Product Release Hub or contact your customer success team for questions. You can also download the Spring Product Datasheet to learn more.

Frequently Asked Questions

How does this release support PKI modernization from Microsoft ADCS?
The Spring 2026 Release introduces enhancements that support phased transitions from Microsoft ADCS environments, helping reduce disruption and PKI modernization risk.

How does AppViewX help meet 47-day TLS requirements?
The AVX platform provides automated, centralized certificate lifecycle management (CLM) to handle rapid renewals, enforce strict policies (like new key generation), and gain visibility across complex hybrid environments, preventing outages and ensuring continuous compliance without manual overload. The platform automates discovery, domain control validation (DCV), provisioning, and monitoring, effectively transforming a daunting renewal cycle into manageable, policy-driven operations. The Spring 2026 Release strengthens certificate lifecycle automation and last-mile reliability, enabling operations to scale under higher renewal frequency and repeated domain control validation.

What visibility does this release provide for PQC readiness?
Expanded agentless discovery improves insight into certificates and cipher usage, supporting auditability and planning for post-quantum cryptography.

Do these enhancements require new agents or re-architecture?
No. The Spring 2026 Release enhancements are designed to reduce friction and operational risk without requiring new agents or large-scale re-architecture.