It’s another exciting day at Venafi and another great product release! I am thrilled to announce the release and availability of Venafi Trust Protection Platform version 14.2. This release represents our ongoing commitment and priority to prevent our customers from being vulnerable to key and certificate threats. In this latest release, we focus on improving certificate threat visibility, anomaly detection, and vulnerability remediation.
In order for organizations to detect key and certificate anomalies and vulnerabilities, they must first have a clear and in depth visibility across their entire environment. And with the increasing attacks on keys and certificates, organizations must be able to proactively detect and continuously monitor anomalies and vulnerabilities as new threats and breaches occur.
In this release, we supercharged our Certificate Dashboard to aid in the detection and continuous monitoring of certificate anomalies. The newly enhanced Certificate Dashboard gives organizations a comprehensive, real-time view of their entire SSL certificate inventory, so they can quickly detect critical SSL security vulnerabilities and anomalies.
Certificate Vulnerability Trending
Certificate trending graphs gives a view of all of the critical certificate statistics over time, so security teams can proactively identify imminent risk patterns, discover any weak links, and respond faster to attacks on certificates.
With the Certificate Trending graphs, security analysts can identify if and when vulnerabilities are increasing and the progress in addressing those vulnerabilities. You can select different trending graphs from key lengths, signing algorithms, key algorithms, validity periods, and certificate types.
In addition, monitoring critical certificate statistics allows organizations to track their remediation and security improvements over time and show they are improving their security posture. As an example, if there’s a sudden spike in MD5 certificates from a group who inadvertently deployed MD5 certificates with a new application, administrators can quickly identify this vulnerability, establish a remediation plan, and track the replacement of the vulnerable certificates until it is fully addressed.
Critical Certificate Alerts
The “Critical Alerts” section quickly highlights and identifies these critical certificate vulnerabilities:
- Weak key lengths of 1024-bits or less
- Weak signing algorithms such as SHA1 and MD5
- Validity periods of greater than two years
- Certificates expiring within 15 days
- Wildcard certificates
This is useful, for instance, when a security analyst sees a critical alert that must be addressed. They can immediately get detailed information about the vulnerable certificates and take action.
90-day Expiration View
The Certificate Dashboard provides the ability to graphically view certificate expirations and zoom in and out on any particular timeframe to get a list of certificates.
Splunk Integration—Certificate Vulnerability
Venafi TrustAuthority can automatically feed critical certificate alerts and trends to other security systems and analytics such as SIEM vendor, Splunk.
These are just some of the highlights of the version 14.2 release. For more details on the release, please contact your local Venafi account representative.
We will continue to help our customers identify and fix their key and certificate vulnerabilities, detect new threats and breaches in real-time, and ensure that when breaches do happen that they have the power to respond and take action. Venafi Trust Protection Platform 14.2 is available now.