THE AUDIT PORTAL.
Digital identities are ubiquitous in organizations and enterprises.
People (employees, customers, contractors, etc), electronic devices, and compute services have an electronic identity, so they all can digitally interact with each other. Most of these identities are represented by X.509 certificates.
OUR SOLUTION
primeid DISCOVER establishes organization-wide oversight of all digital certificates. It also reveals to which device any certificate is deployed, and to which user or service it is assigned..
USE CASES
primeid DISCOVER synchronizes the inventory and status information of all certificates from the issuing sources (CAs) and all directories (databases) within the organization. In addition, a Network Certificate Scanner is available to scan any specified IP address / port range (network segment) for SSL/TLS certificates from any unknown sources, including public trust CAs. This is an agent-less technology for non-intrusive and easy operation. Combined, this provides a 360° view on the state of all your digital identities.
primeid DISCOVER records the organization’s certificate inventory and it can trigger configurable notifications, for example upon expiry of a certificate. It provides comprehensive reports which may serve for compliance purposes. Powerful filters can be used to focus on specific subsets of the certificate inventory.
Mismatches in certificate attributes and entire entities, between the different data repositories, are automatically detected and reported, including the change history of the attributes and entities in question. Inconsistencies at this level can be an indication of a misconfiguration or a malicious threat. primeid DISCOVER helps to keep all digital identities consistent and secure and thereby contributes to the security operations of an organization, and to its regulatory compliance.
primeid DISCOVER does not actively manage the certificate lifecycle, as certificate automation workflows and protocols, such as ACME or EST, are provided by all modern PKI implementations. To complement these, primeid DISCOVER offers comprehensive REST APIs, for integrating certificate lifecycle events into ticketing systems and business processes automation solutions.
The upcoming migration to post-quantum cryptography (PQC) requires careful planning and implementation. The full inventory of the algorithms and protocols used is always the starting point. primeID DISCOVER is a powerful and central tool for this first step and for the entire journey of the migration.
BENEFITS
+ Prevent outage – get notified in time for certificate renewal
+ 360° view on all certificates from public and private CAs
+ Know, where the certificates are deployed
+ History of status changes for certificates
+ Non-intrusive - only watching, not touching
+ Agent-less
+ Detect anomalies – threats and misconfigurations
+ Assure consistency
+ Compliance reporting
+ Easy to roll-out, easy to operate
DATASHEET
Do you have any questions or need more information?