Certificates are an important part of security for organizations but they’re not without risks. These include certificates with long lifespans (one in every 13 certificates have lifespans over two years), certificates without key usage (one in every 25 certificates), certificates with negative serial numbers (one in every 27 certificates), and unsanctioned domain usage.
Keyfactor is launching a Command Risk Intelligence which will visibility into every certificate in use and helps teams proactively identify and mitigate certificate-related risks before they disrupt business operations.
Certificates without key usage are a particularly prevalent certificate risk. These don’t explicitly include a key usage field, allowing anyone holding the private key to be trusted. Domain usage is also a major concern because unsanctioned certificates could indicate the presence of shadow IT or be used in phishing attacks.
Command Risk Intelligence equips security teams with enhanced visibility with advanced discovery, with the world’s largest internet certificate database, teams gain complete visibility of all known and unknown certificates.
It also delivers a dynamic risk score with details so teams can understand why their current certificates present risks and track remediation over time. Teams can also take action to remediate risks through integrated search and automation capabilities right from Keyfactor Command, streamlining operations and ensuring prioritized remediation based on risk.
“Certificates are the backbone of trust, but only when issued, managed, secured and governed properly,” says Ted Shorter, CTO of Keyfactor. “Keyfactor’s strong certificate discovery capabilities manage large amounts of certificate data, empowering organizations with incredible visibility. Our new risk intelligence capabilities are an exciting step forward, providing actionable insights into an organization’s hidden risks to further secure its digital trust footprint.”
You can find out more on the Keyfactor site.
Image Credit: maxkabakov/depositphotos.com
