Skip to main content
platform /

Venafi TrustNet™

Identifying Certificate Trust for Machine Identities

v-control Icon
​Cyber criminals are increasingly misusing certificate and key trust to gain unauthorized access to your network. Rogue keys and certificates allow attackers to compromise machine identities to bypass traditional security controls while hiding in encrypted tunnels.
Defend and Protect

Accelerate Security Risk Intelligence on Rogue Certificates

Stop threats faster with early detection from the industry’s most comprehensive source of certificate trustworthiness. Identify anomalous behavior using intelligence gathered from a global sensor network, and customer and partner feeds.

Get a free risk assessment to see how many of your certificates are weak.

Start Now
“The software is easy to use, and adds a layer of visibility to vulnerabilities in the use of certificates that was previously unseen.”

- Global 500 Insurance Company (source: TVID: DCD-E87-A16)

platform diagram

TrustNet globally identifies anomalous certificates that may be disguising an attacker’s intentions and actions. You get real-time threat intelligence for certificates through the most accurate single source of certificate reputation. With certificate reputation, you can re-establish and maintain certificate trust created by keys and certificates in order to protect your organization’s brand.

Key Advantages
  • Prevent mistrust with certificate reputation
  • Identify compromised, rogue or misused certificates earlier to stop threats sooner
  • Automatically blacklist rogue certificates
  • Remediate immediately to minimize brand damage
How It Works

TrustNet provide alerts on forged, rogue, and maliciously used certificates found across the internet. When TrustNet detects a rogue certificate, it can immediately blacklist the certificate or the rogue CA that issued it. This allows you to take immediate action to block access to websites that are using blacklisted certificates.

What’s in It for You

Gain Global Intelligence

  • Access the largest source of certificate reputation, both good and bad
  • Gain intelligence from CAs, application servers, devices, and users
  • Extend reputation beyond CA-provided revocation information
  • Monitor certificate issuance and usage across the entire Internet

Establish Certificate Reputation

  • Reveal the misuse of keys and certificates through reputation scores
  • Access key trust intelligence from advanced algorithms, security analysts, and historical data
  • Leverage intelligence from Google Certificate Transparency (CT)
  • Source data from Project Sonar and University of Michigan databases

Apply Whitelisting and Blacklisting

  • Immediately whitelist trusted CAs or certificates and blacklist untrusted ones with SSL certificate verification
  • Prevent misused certificates from being trusted within your network
  • Extend certificate security beyond your datacenter with global blacklisting

Support a Defensive Trust Model

  • Sign all responses for sources that access the TrustNet service
  • Publish the TrustNet root certificate to DANE
  • Integrate certificate reputation services into any application through a REST API

Case study

Reputation Protection for a Leading Worldwide Bank

Before Venafi: Stolen certificate found on phishing site; ~100 servers / tens of millions of records accessed in attack; business and brand damage.

After Venafi: Global certificate reputation that flags misuse across the Internet; immediate whitelisting and blacklisting of certificates; protection of business and brand.

small v

Are you exposed?

Do you know if your machine identities are compromised?

Get a free risk assessment
Take the First Step

Take the next step

Discover misuse earlier and protect your business with certificate reputation.

Get Started
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more