Venafi, the leading provider of Next Generation Trust Protection, today announced Venafi TrustNet, a cloud-based reputation service designed to protect enterprises from the growing threat of cryptographic key and digital certificate abuse. According to new Ponemon Institute research, 100% of over 2,300 organizations surveyed have responded to multiple attacks on keys and certificates in the last two years. Threat research from FireEye, Intel, Kaspersky, and Mandiant consistently identifies the misuse of keys and certificates as an important part of APT and cybercriminal operations to infiltrate and steal intellectual property (IP), other valuable data, and money. TrustNet detects anomalies and vulnerabilities associated with keys and certificates across the Internet and alerts security teams. TrustNet works with the existing Venafi products so customers can quickly respond by blacklisting certificates and replacing vulnerable keys and certificates.
The world’s economy is dependent on the trust keys and certificates provide. Without them, it is impossible to identify websites, transactions, communications, apps, and more as trusted or not. The new Ponemon Institute, 2015 Cost of Failed Trust Report found the average Global 5000 organization has almost 24,000 keys and certificates used to identity applications, devices, and servers. The growing use of SSL/TLS has attracted cybercriminal interest in order to gain trusted network status and to exfiltrate data undetected. According to Gartner analysts Jeremy D’Hoinne and Adam Hils, “Gartner believes that, in 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than 5% today” (Gartner, Security Leaders Must Address Threats From Rising SSL Traffic, December 2013, refreshed January 2015).
Intel cybersecurity researchers predict the next large-scale hacker marketplace will be in the sale of stolen digital certificates. The cybercriminal marketplace already prices a stolen certificate at almost $1000 each, and rising. As a result of increased attacks on keys and certificates, half of IT security professionals now believe the trust their business is dependent on to operate is in jeopardy according to Ponemon research.
TrustNet is the first service that identifies the malicious use of certificates. It scores their reputation by combing global sensor networks, data collection, analytics, and tuned algorithms along with data submitted by Venafi enterprise customers. TrustNet provides real-time reputation on millions of digital certificates globally as well as the trustworthiness of Certificate Authorities (CAs) worldwide. TrustNet also monitors the Google Certificate Transparency initiative to quickly identify fraudulent issuance of digital certificates. With this insight, TrustNet can help stop Man-in-the-Middle attacks, advanced spear-phishing, website spoofing, and other attacks enabled by the misuse of keys and certificates.
“The age of blind trust is over,” said Jeff Hudson, CEO of Venafi. “Certificates and keys are the global foundation of our online safety, security, and privacy. They are being attacked with increasing frequency across every business sector. That’s why we’re launching Venafi TrustNet certificate reputation service to protect our customers. Venafi is the only one standing between the Global 5000 and bad guys abusing the trust provided by keys and certificates.”
Together with Venafi TrustAuthority and Venafi TrustForce, these solutions create an integrated defense to help enterprises protect, detect, and respond to vulnerabilities associated with Secure Socket Layer (SSL) certificates, Secure Shell (SSH) keys, and mobile certificates, securing any key and any certificate, anywhere.
TrustNet is available for customers this month. For more information, please visit: Venafi.com/TrustNet
Lorem ipsum dolor sit amet, consectetur elit.
Thank you for subscription
Scroll to the bottom to accept
VENAFI CLOUD SERVICE
*** IMPORTANT ***
PLEASE READ CAREFULLY BEFORE CONTINUING WITH REGISTRATION AND/OR ACTIVATION OF THE VENAFI CLOUD SERVICE (“SERVICE”).
This is a legal agreement between the end user (“You”) and Venafi, Inc. ("Venafi" or “our”). BY ACCEPTING THIS AGREEMENT, EITHER BY CLICKING A BOX INDICATING YOUR ACCEPTANCE AND/OR ACTIVATING AND USING THE VENAFI CLOUD SERVICE FOR WHICH YOU HAVE REGISTERED, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY AND ITS AFFILIATES TO THESE TERMS AND CONDITIONS, IN WHICH CASE THE TERMS "YOU" OR "YOUR" SHALL REFER TO SUCH ENTITY AND ITS AFFILIATES. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT AGREE WITH THESE TERMS AND CONDITIONS, YOU MUST NOT ACCEPT THIS AGREEMENT AND MAY NOT USE THE SERVICE.
You shall not access the Service if You are Our competitor or if you are acting as a representative or agent of a competitor, except with Our prior written consent. In addition, You shall not access the Service for purposes of monitoring its availability, performance or functionality, or for any other benchmarking or competitive purposes, and you shall not perform security vulnerability assessments or penetration tests without the express written consent of Venafi.
This Agreement was last updated on April 12, 2017. It is effective between You and Venafi as of the date of Your accepting this Agreement.
The Venafi Cloud Service includes two separate services that are operated by Venafi as software as a service, each of which is separately licensed pursuant to the terms and conditions of this Agreement and each of which is considered a Service under this Agreement: the Venafi Cloud Risk Assessment Service or the Venafi Cloud for DevOps Service. Your right to use either Service is dependent on the Service for which You have registered with Venafi to use.
This License is effective until terminated as set forth herein or the License Term expires and is not otherwise renewed by the parties. Venafi may terminate this Agreement and/or the License at any time with or without written notice to You if You fail to comply with any term or condition of this Agreement or if Venafi ceases to make the Service available to end users. You may terminate this Agreement at any time on written notice to Venafi. Upon any termination or expiration of this Agreement or the License, You agree to cease all use of the Service if the License is not otherwise renewed or reinstated. Upon termination, Venafi may also enforce any rights provided by law. The provisions of this Agreement that protect the proprietary rights of Venafi will continue in force after termination.
This Agreement shall be governed by, and any arbitration hereunder shall apply, the laws of the State of Utah, excluding (a) its conflicts of laws principles; (b) the United Nations Convention on Contracts for the International Sale of Goods; (c) the 1974 Convention on the Limitation Period in the International Sale of Goods; and (d) the Protocol amending the 1974 Convention, done at Vienna April 11, 1980.
In the meantime, please explore more of our solutions
In the meantime, please explore more of our solutions
This site uses cookies to offer you a better experience. If you do not want us to use cookies, please update your browser settings accordingly. Find out more on how we use cookies.