TrustMonitor

TrustMonitor

Home>Products>TrustMonitor

24/7 PKI Monitoring to Safeguard the Trust Fabric

Overview

Your organization's network security depends heavily on the integrity of the credentials used to gain access. The integrity of those credentials may be determined by services outside your control. Your servers exist on a router and switch-based network, and the credentials presented to those servers for access are supported by a trust network. Network status needs to extend beyond IP addresses and service availability to include trust and the integrity of connections, resources, and users.

TrustMonitor continuously monitors the trust network by:

  • Analyzing content and constraints for credential validity
  • Monitoring certification authority (CA) availability to provide validation support
  • Easily scaling to incorporate new CAs (no agent required)

TrustMonitor delivers instant notifications, impact analysis, and trend information on the real-time situational awareness necessary for assessing risks and minimizing service outages.

TrustMonitor supports incident response handling with alert features, reporting, and real-time and historic trend information on specific incidents.

Key Features

  • 24/7 CA, Certificate Revocation List, and Online Certificate Status Protocol infrastructure monitoring: Real-time global insight from the cloud for certificate relationships
  • Event notification: Minimize enterprise support and help desk response times
  • Analytics module: Measure and benchmark performance, outages, and event resolution
  • Non-proprietary: Monitor CAs regardless of vendor or operating system
  • Detection and monitoring of services requires no agent on CAs

ROCA Vulnerability Test

Every digital certificate user needs to know whether their identity credentials are susceptible to the Return of Coppersmith’s Attack (ROCA) vulnerability. Discovered by security researchers in 2017, the ROCA vulnerability is a glitch in a widely used cryptographic library that enables an attacker to mathematically calculate a private key from the value of a public key. The attacker could then use that fraudulent private key to impersonate someone who owns a smart card, forge their signature, decrypt and compromise data, gain unauthorized access to resources and assets, and perform other nefarious activities.

Using the same detection code the researchers authored, CertiPath created the free TrustMonitor ROCA Vulnerability Test tool that can accept bulk certificates or certificate bundles (in p7b format) and provide immediate results. The tool includes a set of test certificates containing vulnerable keys that can be used to confirm any ROCA test tool’s capabilities.

The tool requires no registration or software downloads. Access it at https://monitor.certipath.com/rsatest

Overview

Your organization's network security depends heavily on the integrity of the credentials used to gain access. The integrity of those credentials may be determined by services outside your control. Your servers exist on a router and switch-based network, and the credentials presented to those servers for access are supported by a trust network. Network status needs to extend beyond IP addresses and service availability to include trust and the integrity of connections, resources, and users.

TrustMonitor continuously monitors the trust network by:

  • Analyzing content and constraints for credential validity
  • Monitoring certification authority (CA) availability to provide validation support
  • Easily scaling to incorporate new CAs (no agent required)

TrustMonitor delivers instant notifications, impact analysis, and trend information on the real-time situational awareness necessary for assessing risks and minimizing service outages.

TrustMonitor supports incident response handling with alert features, reporting, and real-time and historic trend information on specific incidents.

Key Features

  • 24/7 CA, Certificate Revocation List, and Online Certificate Status Protocol infrastructure monitoring: Real-time global insight from the cloud for certificate relationships
  • Event notification: Minimize enterprise support and help desk response times
  • Analytics module: Measure and benchmark performance, outages, and event resolution
  • Non-proprietary: Monitor CAs regardless of vendor or operating system
  • Detection and monitoring of services requires no agent on CAs

ROCA Vulnerability Test

Every digital certificate user needs to know whether their identity credentials are susceptible to the Return of Coppersmith’s Attack (ROCA) vulnerability. Discovered by security researchers in 2017, the ROCA vulnerability is a glitch in a widely used cryptographic library that enables an attacker to mathematically calculate a private key from the value of a public key. The attacker could then use that fraudulent private key to impersonate someone who owns a smart card, forge their signature, decrypt and compromise data, gain unauthorized access to resources and assets, and perform other nefarious activities.

Using the same detection code the researchers authored, CertiPath created the free TrustMonitor ROCA Vulnerability Test tool that can accept bulk certificates or certificate bundles (in p7b format) and provide immediate results. The tool includes a set of test certificates containing vulnerable keys that can be used to confirm any ROCA test tool’s capabilities.

The tool requires no registration or software downloads. Access it at https://monitor.certipath.com/rsatest