As a small part of our Cyber Risk Assessments for clients we utilise our PKI discovery and Enterprise tool set which identifies risks in the form of 'retired and revoked certificates in their hundreds, often thousands across an Enterprise. The below extract of a recent sub £100M client was performed on just 2 of their 'gold standard' Windows builds of both OS 10 and OS 7.

PKI Risk Assessment – The assessment undertaken includes a further report attached in Appendix A. Two windows machines have almost 400 revoked certificates that have been unremedied. This is only a subset of what could be in the organisation right now which requires immediate further investigation and remediation. Recommend implementation of solution that can manage and protect PKI estate effectively including CA Management.

This is our typical finding! With the recent breaches of 'sizeable' magnitude and costs and each being compromised certificates why are so many companies taking the chance and ignoring their PKI/Enterprise and Certs?

CIP are able to provide complete Digital Trust in your PKI enviroment, please stop taking chances!