Certificate discovery is an important feature when you need to have complete visibility of all certificates within the infrastructure. Although seemingly an easy task, current heterogenous infrastructures, containing hybrid technologies, make certificate discovery rather complex without proper tools and support.
CZERTAINLY comes with a strong implementation of certificate discovery that can diagnose different parts of the infrastructure and gives you consistent overview of all certificates that were identified through a simple certificate inventory interface.
One of the strengths of CZERTAINLY is its transparency and extensibility, enabling you to integrate your own or 3rd party discovery providers, enhancing the certificate discovery for every need and environment.
As such we would like to announce that the CZERTAINLY has been integrated with the Cryptosense Analyzer Platform (CAP) to enhance the certificate discovery capabilities. Bridging benefits of searching for certificates with one of the best cryptographic analytics tools you can find.
Cryptosense Discovery Provider
Cryptosense Discovery Provider is the implementation of the connector for CZERTAINLY platform that implements Certificate Discovery functional group with tracking information from the Cryptosense Analyzer Platform reports.
It gives you possibility to easily discover certificates and cryptographic keys in:
- Applications (Java, .Net, OpenSSL)
- Network (TLS, STARTTLS, SSH)
- Filesystems and Containers
- Hardware Security Modules (PKCS#11)
The results are logically organised in the hierarchy of projects and reports. The analysis results can be continuously monitored and updated as needed. Using the Cryptosense Discovery Provider you have all discovered certificates in one consistent location within the CZERTAINLY platform and you can manage all of them immediately.
How does it work?
CZERTAINLY focuses on the consistent and easy approach to certificate management and this consistent even for Cryptosense Discovery Provider.
In order to enable CZERTAINLY with the Cryptosense capabilities, you need to follow these easy steps:
- Add Cryptosense Discovery Provider to Connector Store
- Create Credential of API Key type for authorisation to CAP
- Create new Discovery process and choose Cryptosense Discovery Provider
- Select from available Projects and Reports, include API Key and run
And that is it! Now you just need to wait for the discovery process to be completed and you can start to manage all certificates that were discovered.
Even more, each certificate includes additional meta data that helps you easily identify its source and other useful information. Some of the CAP specific are:
- CAP certificate URL
- Project Name and Id
- Report Name and Id
- Certificate Id
Could it be more easier?
Consistent certificate inventory
Each certificate within the CZERTAINLY is included in the certificate inventory that provides consistent information and management of the certificate related tasks.
Using the Cryptosense Discovery Provider, you can increase the visibility on certificates within heterogenous infrastructure and manage them in one central certificate inventory.
This is very important step in order to start effectively manage lifecycle of certificates. With a proper certificate inventory and tools, you can achieve more and with less effort. You will start to enjoy work with certificates!
Additional benefits of using CAP
Although Cryptosense Discovery Provider implements powerful certificate discovery within the CZERTAINLY platform, you might find interesting using the CAP to protect your applications from cryptographic vulnerabilities.
The unique value of CAP is end-to-end visibility and control of cryptography. CAP analyses your applications to see how they are using cryptography: from encrypting data at rest or in transit, to signing and verifying code. It builds full maps of all your cryptographic objects and displays how they are used. From application cryptography to keys and certificates, from cloud cryptography services to secure hardware. CAP gives you full visibility, plus vulnerability and compliance analysis, all in one tool.
Cryptosense provides software to discover, trace and analyze cryptography use, at scale, across enterprise IT both on-premise and in the cloud. Our customers are able to proactively manage their crypto security, remove weakness from applications, and respond effectively to changes such as cloud migration or post-quantum cryptography. Cryptosense's software helps protect the majority of interbank messages worldwide, more than half of all global Forex trades, and the world's largest financial transactions database.