CertiPath has distilled over a decade of providing services in the secure credential market into a suite of Identity Products that represent the next wave of security for the enterprise. CertiPath’s unique ability to monitor, analyze, and detect misplaced online trust due to improperly used, expired, or compromised credentials addresses a significant exposure in the identity and access management industry.
Continuous monitoring of the trust network both inside and outside an enterprise network is necessary to ensure that the credentials being used are not only valid, but also not being used in a way that would indicate misuse. CertiPath analyzes identities to ensure they:
Email continues to be a primary attack vector for malware and phishing identity scams. Some enterprises have tried to incorporate certificate-based systems not realizing that not all signed emails or certificate authorities can be trusted. CertiPath’s TrustValidator™ monitors incoming emails, analyzes the certificate being used to sign the email, and advises the user on the trustworthiness of that email before exposing them to possible threats.
Email is the largest attack vector in cyberspace today. While this is not a revelation, advanced spear phishing and hidden malware are on the rise. The increasing use of signed and encrypted email has inadvertently made email the most damaging, highest value attack vector available.
Credentialing for Commercial Identity Verification Made Simple
A CIV card is a Commercial Identity Verification smart card, previously known as a PIV-Compatible card. It is a credential that provides rapid issuance, and low cost use of PIV technology to meet an organization’s needs in both logical and physical access applications. For those without the need for external trust, CertiPath CIV credentials enable internal trust within an organization, through explicit definition of PKI policies and practices.
For organizations with an in-house IT capability and/or larger volumes of employees, CertiPath’s TrustManager solution offers a complete system that contains everything needed to start issuing CIV cards. Application and database server tiers are deployed on-site rather than in the cloud, which means that you have total control over your infrastructure, credential issuance and use.
Many organizations struggle to implement a uniform visitor authoriza1on process and policy. A visit request and authoriza1on workflow is cri1cal element leading into the provisioning of a visitor creden1al. Cer1Path’s TrustVisitor™ module provides this capability and much more.
Visitors will not always require a creden1al from TrustManager. It is more secure to rely on a trusted creden1al from your visitor’s employer if they have been issued one (e.g., CAC, PIV, PIV-‐I). In addi1on to visit requests and approval, TrustVisitor provides valida1on and registra1on of trusted 3rd party creden1als via a web browser your visitor’s can use to register in advance. Pre-‐provisioned creden1als are queued-up for approval and access to local systems.