Articles about TLS certificate

A new survey of 800 security decision-makers across the US, UK, Germany and France reveals that 76 percent of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security.

However, the study from machine identity specialist Venafi, also shows many feel unprepared to take action, with 77 percent saying the shift to 90-day certificates will mean more outages are inevitable.

Continue reading →

Google's proposal to cut TLS certificate lifespans to 90 days -- down from the current 398 -- was aired last year and has caused something of a stir in security circles.

According to a recent Venafi study, 83 percent of organizations have been hit by certificate-related outages in the past 12 months, and 57 percent of organizations have experienced security incidents involving compromised TLS certificates. Shortening certificate lifespans will therefore help businesses reduce the risk of compromise.

Continue reading →

A new survey finds that nearly 80 percent of TLS certificates on the internet are vulnerable to man-in-the-middle (MiM) attacks, while as many as 25 percent of all certificates are expired at any given time.

The study, sponsored by automated machine identity management firm AppViewX and carried out by EEnterprise Management Associates (EMA), focuses on servers with SSL/TLS certificates on port 443.

Continue reading →

Spotify users recently experienced an event that is becoming all-too familiar to digital consumers. They were left unable to listen to their favorite podcasts for hours after an TLS certificate at the streaming giant expired. Although certificates, or "machine identities," like these are intended to provide a backbone of trust across the online world, they are also increasingly challenging for organizations to manage. Digital transformation is driving an unprecedented expansion of machine identity volumes across the globe. That’s bad news for the security teams tasked with managing them. When even one expires, it can lead to chaos.

Spotify is certainly not the first big-name brand impacted in this way. And it definitely won’t be the last. The message is clear: brands need a more efficient, automated way to manage these identities if they want to optimize cybersecurity and service uptime.

Continue reading →