Venafi Launches New Threat Center to Chronicle Increased Cyber-Attacks on Trust
Salt Lake City, UT
October 9, 2013
Industry First Provides Research and Threat Intelligence on Cryptographic Key and Digital Certificate Exploits and Enterprise Exposure
Venafi, the market leading cybersecurity company in Next-Generation Trust Protection (NGTP), today announced the release of Venafi Threat Center™. Recognizing the sharp increase of cyber-criminals exploiting the trust established by cryptographic keys and digital certificates, Venafi created the Venafi Threat Center to focus specifically on the increase in trust-based attacks and their impact on Global 2000 enterprises. Another industry first, Venafi Threat Center offers insight and intelligence into this new threat vector, and provides strategies to mitigate against these attacks.
On a global basis, every organization and government entity is under attack. Cyber-criminals are using keys and certificates as an attack vector to compromise enterprises and to disguise their activities within organizations. Recent Ponemon Institute research validates that every organization has fallen prey to attacks on keys and certificates in the last 2 years. Due to the lack of insight into key and certificate inventories, more than 60% of organizations take at least 24 hours to one week to replace compromised keys and certificates which results in a $398M exposure to every organization over two years. Access Venafi Threat Center, including new research regarding attacks on keys and certificates.
Secure Socket Layer (SSL) and Transport Layer Security (TLS) have fast become two of the most widely deployed and popular techniques that cyber-criminals use to mask their communications between Remote Access Tools (RAT) and Command & Control (C2). Unfortunately, the millions of dollars organizations spend on perimeter-based security solutions are for naught; compromised keys and certificates provide cyber-criminals with unfettered trusted access and status. Forrester research has recognized that “enterprise awareness of attacks on keys and certificates is in its infancy; most don’t understand how to detect or respond to an attack.” (July 2013 Commissioned study entitled “Attacks on Trust: The Cybercriminal’s New Weapon,” conducted by Forrester Consulting on behalf of Venafi).
“For too long organizations have blindly trusted keys and certificates with little visibility into their threat risk exposure,” said Jeff Hudson, Venafi CEO. “Malicious actors have taken note of this blind trust and use it nefariously against organizations and government entities. The results are clear: terabytes of valuable information and intellectual property are being pilfered from these companies and government entities, for months before a compromise is even detected. Venafi Threat Center is at the forefront of Next-Generation Trust Protection (NGTP) and helps organizations respond to and remediate against trust-based attacks.”
Venafi Threat Center provides organizations with information about current threats related to compromised keys and certificates, an understanding of how encryption keys and certificates establish trust, and insight into recommended strategies to protect against attacks on trust. Venafi Threat Center also provides details about the Venafi Trust Protection Platform, which empowers organizations to detect trust-based attacks and rapidly respond to mitigate them.
Sample reports on the new Venafi Threat Center site include: