Symantec today announced a new cloud-based product to help large enterprises deal with the ever-growing number of security certificates within their organisations.
The Symantec Certificate Intelligence Centre enables companies to manage the certificates they run which ensure secure connections between internal applications and web browsers from one central location located in the cloud, regardless of which Certificate Authority (CAs) they come from.
There are currently more than 650 CAs providing Secure Sockets Layer (SSL) certificates and the organisations have been coming under increased scrutiny due to high profile hacking incidents.
The issue with numerous companies using the same relatively small group of SSLs is if a hacker manages to break into one of the CAs servers, it could affect thousands of firms, as well as millions of users.
Last week saw DigiNotar a Dutch CA hacked by a cyber criminal known as ComodoHacker, leading to more than 500 fake website certificates being issues for the likes of Gmail and even an MI6 website. The unidentified hacker then threatened further CAs, leading to GlobalSign halting its own issuing of certificates.
So, Symantec's launch is coming at a time when SSL security is of high priority. Features including automated scanning, advanced notification if a certificate is about to expire, for example and in-depth reporting in the Symantec Certificate Intelligence Centre, helps keep a closer eye on an issue at the forefront of security minds, whilst making it more scalable and accessible through the benefits of a cloud model.
"Organisations are already faced with the challenge of visibility into the existing estate of SSL certificates from multiple certificate authorities," said Steve Coplan, senior analyst of enterprise security practice at the 451 Group.
"This challenge will be further compounded as digital certificates for authentication and secure communications proliferate through adoption of cloud-based services, virtual machine sprawl and distribution of certificates to endpoints, particularly mobile endpoints."
He concluded: "Cross-platform approaches, such as Symantec Certificate Intelligence Centre, can provide the tools to tackle this challenge through greater degree of visibility into the state and distribution of certificates and by improving rates of automation."
The new service, aimed at the large-scale enterprise, is available now.
With the ongoing threat to CAs, is the system nearing the end of its days? Check out our analysis of the issue here.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Power stations under attack from long-running hacking campaignNews Dragonfly threat group is ramping up activities, say researchers
-
Symantec profits surge as firms prop up their cyber defencesNews The company also announced plans to sell its web certificate business
-
Symantec to pay $4.65 billion to acquire Blue CoatNews Greg Clark to become Symantec CEO, promising new cloud security
-
Symantec ditches reseller guilty of scamming PC users
News Silurian told people they had malware, then sold them Norton Antivirus for $249
-
NATO builds up cyber alliance with Symantec tie-inNews Military industrial link up to fight cyber attacks
-
Junk emails fall to their lowest rate in 12 yearsNews Spam is dropping, says Symantec, but other malware threats are on the rise
-
Kaspersky: "We have never been asked to whitelist malware"News A company blog has revealed neither government nor any other entity has asked it to stop detecting malware
-
Symantec confirms split into separate security & storage entitiesNews Storage and security will be separated as Symantec tries to boost sales in both
