TrustNet Scanning and Certificate Collection | Venafi Skip to main content

TrustNet Scanning and Certificate Collection

Who We Are

Venafi is the cybersecurity market leader in machine identity protection, securing all machine-to-machine connections and communications. Venafi protects all machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile, code-signing, and SSH. Venafi constantly assesses which keys and certificates are trusted, protects those that should be trusted, and fixes or blocks those that are not. We hope you agree that maintaining secure communications for your organization is of paramount importance, and we are glad you sought more information on how Venafi is working to protect organizations like yours.

Why You Are Here

You have probably been directed to this page because one of your endpoints was contacted by the Venafi TrustNet global certificate reputation service we maintain to help ensure electronic communications remain secure for every organization that puts their trust in the global public key infrastructure (PKI) model. To that end, the certificate reputation service makes non-invasive HTTPS connections to every public IP address on the internet to build a global certificate repository that we make available to the public. Note: the metadata we collect on certificates through the reputation service is public information that does not include sensitive or private data of the certificate owner.

Why We Are Doing It

We are providing a public certificate reputation service. The system of trust for privacy in electronic communications is based on a proven model of the effective exchange digital certificates, and we, along with our research and industry partners have seen a growing trend of criminal activity around stolen certificates to undermine this global system of trust. Because certificates are used to authenticate users, systems, and devices with each other and to encrypt communications between them, cybercriminals are getting increasingly clever at stealing them to impersonate users and devices. Managing an updated repository of public certificates across the globe and scoring their “trustworthiness” is how we help maintain the integrity of the global system of trust we all rely on for secure communications. Our aim is to create the world’s largest public certificate repository, so organizations like yours have a resource available to help determine which credentials should be trusted and which should not.

Our Sources for Collecting Public Certificates

In addition to populating our certificate reputation service with publicly-available certificates from most endpoint devices connected to the internet, we also collect certificates from publicly available resources, such as the University of Michigan, Google CT, and Project Sonar at Rapid7 Labs. This helps in achieving our objectives of establishing the most accurate and updated global repository of public certificates in use today.

How You Can Benefit from the Certificate Reputation Service

You can benefit in two ways. First, you can integrate the Venafi TrustNet certificate reputation service with your own application through an API we make available to the service to query the score of your public certificates. If you are interested in a sample query, please contact us at [email protected] You can also benefit from the service by deploying a web security appliance that uses the certificate reputation service feed to block employee access to websites created with suspicious certificates that might not be trustworthy. If you would like more information on the benefits of the Venafi TrustNet certificate reputation service, please visit us at venafi.com/products/trust-net. We hope this information has been helpful in educating you about the importance of maintaining the global integrity of the digital certificates we all use to secure electronic communications across the internet and the certificate reputation service we maintain at Venafi. If you have additional questions or do not want your server to be included in the certificate reputation service, please contact us at [email protected]

}
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat