This article originally appeared on Info Security Magazine. Click the link below for the full version.
With code signing cyber-attacks on the rise, certificate legitimacy is a growing concern. Digital certificates are a core tenet of security, and when mis-issue events occur, the standards of trust that businesses expect from their software and CA providers is fractured.
The importance of iron-clad, encrypted and code signed certificates, combined with a growing number of digital identities within the corporate network, means that gaining complete visibility to all certificates is fundamental to an organization’s over-arching security strategy. Whether you’re a global software provider, a certificate authority (CA), or a business that relies on software consumption and CA vendors, a mass certificate revocation event is expensive and inconvenient.
