Venafi, the leading provider of Next Generation Trust Protection, today announced Venafi TrustNet, a cloud-based reputation service designed to protect enterprises from the growing threat of cryptographic key and digital certificate abuse. According to new Ponemon Institute research, 100% of over 2,300 organizations surveyed have responded to multiple attacks on keys and certificates in the last two years. Threat research from FireEye, Intel, Kaspersky, and Mandiant consistently identifies the misuse of keys and certificates as an important part of APT and cybercriminal operations to infiltrate and steal intellectual property (IP), other valuable data, and money. TrustNet detects anomalies and vulnerabilities associated with keys and certificates across the Internet and alerts security teams. TrustNet works with the existing Venafi products so customers can quickly respond by blacklisting certificates and replacing vulnerable keys and certificates.
The world’s economy is dependent on the trust keys and certificates provide. Without them, it is impossible to identify websites, transactions, communications, apps, and more as trusted or not. The new Ponemon Institute, 2015 Cost of Failed Trust Report found the average Global 5000 organization has almost 24,000 keys and certificates used to identity applications, devices, and servers. The growing use of SSL/TLS has attracted cybercriminal interest in order to gain trusted network status and to exfiltrate data undetected. According to Gartner analysts Jeremy D’Hoinne and Adam Hils, “Gartner believes that, in 2017, more than half of the network attacks targeting enterprises will use encrypted traffic to bypass controls, up from less than 5% today” (Gartner, Security Leaders Must Address Threats From Rising SSL Traffic, December 2013, refreshed January 2015).
Intel cybersecurity researchers predict the next large-scale hacker marketplace will be in the sale of stolen digital certificates. The cybercriminal marketplace already prices a stolen certificate at almost $1000 each, and rising. As a result of increased attacks on keys and certificates, half of IT security professionals now believe the trust their business is dependent on to operate is in jeopardy according to Ponemon research.
TrustNet is the first service that identifies the malicious use of certificates. It scores their reputation by combing global sensor networks, data collection, analytics, and tuned algorithms along with data submitted by Venafi enterprise customers. TrustNet provides real-time reputation on millions of digital certificates globally as well as the trustworthiness of Certificate Authorities (CAs) worldwide. TrustNet also monitors the Google Certificate Transparency initiative to quickly identify fraudulent issuance of digital certificates. With this insight, TrustNet can help stop Man-in-the-Middle attacks, advanced spear-phishing, website spoofing, and other attacks enabled by the misuse of keys and certificates.
“The age of blind trust is over,” said Jeff Hudson, CEO of Venafi. “Certificates and keys are the global foundation of our online safety, security, and privacy. They are being attacked with increasing frequency across every business sector. That’s why we’re launching Venafi TrustNet certificate reputation service to protect our customers. Venafi is the only one standing between the Global 5000 and bad guys abusing the trust provided by keys and certificates.”
Together with Venafi TrustAuthority and Venafi TrustForce, these solutions create an integrated defense to help enterprises protect, detect, and respond to vulnerabilities associated with Secure Socket Layer (SSL) certificates, Secure Shell (SSH) keys, and mobile certificates, securing any key and any certificate, anywhere.
TrustNet is available for customers this month. For more information, please visit: Venafi.com/TrustNet