Skip to main content
banner image
venafi logo

RSA 2016: How Your Security Foundation Crumbles If Your Keys and Certificates Are Compromised

RSA 2016: How Your Security Foundation Crumbles If Your Keys and Certificates Are Compromised

March 1, 2016 | Gregory Webb
Key Takeaways
  • Your business depends on a foundation of online trust, which relies heavily on keys and certificates
  • That foundation is compromised when security systems blindly trust keys and certificates—even stolen or forged ones
  • Bad guys are undermining this system of trust by using it to bypass your existing security controls
  • Venafi helps you strengthen your foundation by determining which keys and certificates you can trust

Cybercriminals are targeting your organization with attacks that misuse keys and certificates to infiltrate your network. And you can’t detect them because they are hiding in encrypted traffic. Yet, many organizations do not realize the severity of this threat. That’s why we are bringing the problem to life. Because sometimes seeing is believing.

MORE How Venafi helps you protect your security foundation

At RSA 2016, Venafi made it real. Our gameshow - “Are You Smarter than a Bad Guy?” -  showed how your security foundation is built on a system of trust that relies on keys and certificates. Brick by security-enhanced brick, we built a wall of metaphorical security systems that rest on your keys and certificates. This wall of bricks illustrated how the smallest compromise of that foundation (a hijacked key or certificate) can cause the whole system to come tumbling down.

Venafi winners at RSA 2016

The rapid growth of keys and certificates is nearly unmanageable

Here’s why your security foundation is vulnerable. Global 5000 organizations deploy an average of 20,000+ digital keys and cryptographic certificates. That’s 20,000+ ways that cybercriminals can infiltrate your encrypted traffic every time you establish trusted connections, authenticate devices, secure applications, and authenticate code.

That’s a lot to manage, even if you are aware of all the keys and certificates that you are using. However, more than half of organizations (54%) don’t know exactly how many keys and certificates their systems use, where they are located, who owns them, who has access to them, or when they expire, On average, our customers have found more than 16K keys and certificates they didn’t know they had.

Bad guys know you are vulnerable

Even worse, your existing security systems are built on this very same foundation of trust. Because these systems trust keys and certificates they’re blind to many new threats. Even with thoughtfully layered security, you’re still exposed to man-in-the-middle attacks, spoofed websites, backdoor access, and code-signed malware attacks because they hide in encrypted traffic. And it’s only going to get worse.

Code-signed malware is growing at 75% CAGR. And cybercriminals are using SSL/TS against us, which allows the bad guys to look legitimate while they surveil networks, steal data, and stay undetected. Intel predicts the next big underground marketplace will be stolen certificates.

What you need is the ability to identify which keys and certificates are friend versus foe. You need to be able to determine the reputation (good or bad) of keys and certificates so that cybercriminals cannot use them anymore to bypass security solutions.

You can find and fix these vulnerabilities today

With Venafi, you get complete visibility and control. The Venafi Trust Protection Platform allows you to manage and protect all your keys and certificates while it shares a layer of services that make them work together—visibility, agents, policy, portals, workflow, reporting which integrates with hundreds of existing systems in your infrastructure. The platform lets you know which keys and certificates should be trusted and which shouldn’t, making security easy, fast and automated.

We hope you had a chance to visit us at RSA to see how your security foundation stacks up against cybercrime. If not, you can still talk to one of our experts to learn why hundreds of the world’s largest organizations use Venafi solutions to protect their foundation of trust.

Like this blog? We think you will love this.
Featured Blog

What is the Automated Certificate Management Environment (ACME) Protocol?

How does it work?

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Gregory Webb
Gregory Webb
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more