Venafi TrustNet™ | Certificate Trust | Venafi Skip to main content
platform /

Venafi TrustNet™ | Certificate Trust

Establish the Trustworthiness of Certificates

Venafi TrustNet™

After establishing certificate reputation, TrustNet can increase protection by whitelisting trusted CAs and certificate trust, and blacklisting untrusted ones.

Defend and Protect

Detect Threats Earlier by Identifying Rogue Certificates

Stop threats faster with early detection from the industry’s most comprehensive source of certificate trustworthiness. TrustNet identifies anomalous behavior using intelligence gathered from a global sensor network, and customer and partner feeds. This highly refined scoring algorithm is constantly tuned to address changes in the threatscape.

Get a free risk assessment to see how many of your certificates are vulnerable

Start Now
“The software is easy to use, and adds a layer of visibility to vulnerabilities in the use of certificates that was previously unseen.”

- Global 500 Insurance Company (source: TVID: DCD-E87-A16)

Platform Pic
How It Works

TrustNet integrates with other Venafi Platform components to provide alerts on forged, rogue, and maliciously used certificates found across the internet. When TrustNet detects a rogue certificate, it can immediately blacklist the certificate or the rogue CA that issued it with it's certificate monitoring tools. This allows you to take immediate action to block access to websites that are using blacklisted certificates. You can then use TrustForce to automate the replacement of these rogue certificates quickly and easily. Automation is especially useful to handle the scale of an event such as a CA compromise or new vulnerability such as Heartbleed.

Why It’s Vital

Malicious actors are increasingly misusing certificate and key trust to appear to be trusted. This allows attackers to evade detection, bypass traditional security controls, and keep their actions cloaked.

TrustNet identifies forged, rogue, and malicious use of certificates that may be disguising an attacker’s actions. You get up-to-date threat intelligence for certificates through the most accurate single source of certificate reputation.

With certificate reputation, certificate monitoring tools, and immediate remediation of misuse, you can re-establish and maintain the certificate trust created by keys and certificates that today’s digital economy demands.

What’s in It for You

Gain Global Visibility

  • Access the largest source of certificate reputation, both good and bad
  • Gain intelligence from CAs, application servers, devices, and users
  • Extend reputation beyond CA-provided revocation information
  • Monitor certificate issuance and usage across the entire Internet

Establish Certificate Reputation

  • Reveal the misuse of keys and certificates through reputation scores
  • Access key trust intelligence from advanced algorithms, security analysts, and historical data
  • Leverage intelligence from Google Certificate Transparency (CT)
  • Source data from Project Sonar and University of Michigan databases

Apply Whitelisting and Blacklisting

  • Immediately whitelist trusted CAs or certificates and blacklist untrusted ones with SSL certificate verification
  • Prevent misused certificates from being trusted within your network
  • Extend certificate security beyond your datacenter with global blacklisting

Support a Defensive Architecture Trust Model

  • Ensure integrity within an architecture built on a tiered PKI
  • Sign all responses for sources that access the TrustNet service
  • Publish the TrustNet root certificate to DANE
  • Integrate certificate reputation services into any application through a REST API

Case study

Reputation Protection for a Leading Worldwide Bank

Before Venafi: Stolen certificate found on phishing site; ~100 servers / tens of millions of records accessed in attack; business and brand damage.

After Venafi: Global certificate reputation that flags misuse across the Internet; immediate whitelisting and blacklisting of certificates; protection of business and brand.


Key Advantages

  • Extend trust with certificates reputation
  • Identify misuse earlier to stop threats sooner
  • Blacklist rogue certificates
  • Remediate immediately to minimize damages
Take the First Step

Take the First Step

Discover misuse earlier and protect your business with certificate reputation.

Get Started
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more