Advanced Digital Certificate Discovery and Management Platform
The only software able to provide full digital certificate and key discovery, management and automation
Even if your organisation is already running PKI management software like Venafi or Keyfactor you will still need Whitethorn® to discover all of the digital certificates and keys on your systems so that you can manage them effectively. Without it you might only be managing half of the certificates on your systems, leaving thousands unexamined that may be revoked, compromised or about to expire. This weakness increases the risk of malware, ransomware and service outages.
Whitethorn’s depth of discovery provides a view of the whole certificate and key landscape, including third party software. Even leading software suppliers like Microsoft have been found to have revoked digital certificates on their products. No rogue, illegal or expiring certificate can hide and cause damage or havoc now that CIP’s Whitehorn® certificate and key discovery and management platform is available.
Unrivalled ability to identify and triage certificates across the PKI landscape.
Find expired, invalidated and revoked key and certificate assets.
Find fake certificates, often used to hide and install malware or run malicious script.
Provide a report on Indicators of Compromise, in terms of: fake certificates, command and control communication, and malware
Evaluate and detect weak key and crypto hash strength.
Identify revoked or suspect CA’s.
Identify unusual or suspicious countries of origin.
Identify unusual or anomalous keys and certificates.
Revoke, replace, and proactively manage all digital trust assets.
Perform and implement ISM Security Policies regarding digital key and certificate management.
Unique capabilities to manage operational risk and organisational policies.
Whitethorn® Shield
Whitethorn® Shield leverages AI driven automated technology to discover, detect, protect, and manage threats to your Internet Domains and Web Sites protecting your Digital footprint against Service outages and Security breaches. Our actionable intelligence better equips your organisation to make proactive, informed Operational Security decisions to proactively manage discovered Threats – before they become major Incidents. Whitethorn Shield® provides daily Domain Governance and Web Site Assurance with actionable intelligence reporting and proactive management of identified Threats.
Whitethorn® Shield combines Governance, Risk and Compliance (GRC) Assurance with technical Security Posture assessment through automated 24x7 monitoring and analysis of Internet Domains and Web Sites. Whitethorn® Shield provides actionable intelligence, Security posture Risk ratings, Industry peer benchmarking and augments Security Operations Centre (SOC) operational processes to reduce complexity and cost in the management of organisational Internet Domain and Web site Security.
Whitethorn® Use Cases
Whitethorn® has broader applicability than just finding expiring certificates. It also addresses a range of PKI challenges that can put business continuity and security at risk. It brings both business and technical benefits.
The Whitethorn Use Case document outlines 17 different use cases that may be applicable to your organisation.
Using Whitethorn® to find and replace deprecated SHA-1 certificates
One important use of Whitethorn is to identify and replace all of the SHA-1 certificates on a system. SHA-1 encryptions underpinned internet usage for years, ensuring that online communications and transactions remined secure. However, the SHA-1 algorithm is now considered deprecated. This means it is no longer considered fit-for-purpose. With sufficient processing power, malicious actors can now overpower SHA-1 algorithms with days or weeks. SHA-1’s true death knell sounded in 2017, when a successful ‘collision’ occurred. The result was that two completely different PDF files were encrypted and produced identical SHA-1 hashes. This means the system is truly broken and can no longer be trusted.
The risks of leftover SHA-1 certificates compromising the cyber security of your systems are considerable:
Increased risk of collision or Man-in-the-Middle attacks
Your website may be blocked on popular web browsers, or a warning may appear to users saying the site is not secure
Loss of revenue from customers who no longer feel comfortable making purchases on your website
Reputational damage and ensuing loss of business
Potential data breaches enabled by the weakness of SHA-1 certificates - and regulatory fines if data breaches do occur.
The following video shows how easy to is to find and replace these insecure SHA-1 certificates using Whitethorn®
Whitethorn® Datasheet
If you would like to know more about the technical details of Whitethorn® then you can download the Whitethorn® Datasheet immediately below.
Whitethorn® White Papers
Cybersec Innovation Partners are at the forefront of promoting best practice in cyber-security. To this end CIP are preparing a series of white papers on important issues, including the operational risks and how to identify and manage rogue certificates that could compromise any organisation’s IT security.
Whitethorn® White Paper #1
Why expired digital certificates are a danger to business and how the risk can be minimised
This covers the significant operational risks business face from expired certificates, which can cost them many millions.
Whitethorn® White Paper #2
How to close the gaps in cryptographic certificate management
This give a view on all aspects of cryptographic security. It suggests a three dimensional approach that provides a holistic solution for PKI/Certificate management with maximum PKI visibility within minimal system load. This can achieve the highest possible automation grade, tailored to the needs of each enterprise.
Whitethorn® White Paper #3
Why compromised digital certificates are a danger and how the risk can be minimised
This paper discusses some of the issues with stolen and repurposed digital certificates - which have been the way in which some of the most malicious malware has got into their targets systems and caused extensive and expensive problems.
Whitethorn® White Paper #4
5G IoT Networks – heightened need for digital security and strong, effective PKI
The introduction and growth of 5G networks is a significant enabler for the Internet of Things - but it also potentially opens up many more opportunities for malicious actors to penetrate your networks, unless your digital security is complete.