Security measures are only as good as the people or credentials you trust. Recent high profile data breaches have shined a spotlight on the risks of imposters masquerading as legitimate users or business partners to gain access to critical data and resources.
The information security industry is expected to top $75B in 2015, yet the primary focus remains on impeding network-based intrusions and malicious content in emails with very little focus on identity-based threats. To-date identity access management has been relegated to a reactive capability useful for audits and accountability, but hamstrung when it comes to proactive identity-based intrusions. The fact is that if your credentials seem legitimate, they are treated as legitimate. There has been no component of the security model focused on the ability to monitor, validate, and/or proactively deauthorize credentials that are deemed a threat.
By leveraging our experience as the creator and operator of Federated Trust, we were able to refine a decade of identity management and monitoring expertise into a suite of security products that help enterprise networks see what they trust and trust what they see. TrustMonitor™ analyzes the trust network by monitoring all issuers and credential metrics, while TrustValidator™ performs a vetting of the certificates used to sign emails and the security reputation of the certificate authorities.
CertiPath focuses on the use of digital identity in the modern connected world. Trusted digital identities are one of the most important components to securing your network, data and buildings but achieving ubiquitous trust online has been a challenge for 30 years.