Network security has been in the spotlight more than ever the past few months, and for good reason. We’ve seen many scary headlines that have put the pressure on security professionals – and also raised the stakes.
Amid all of this news, we’ve realized that encryption works and that we can trust the math behind encryption protocols. Organizations must do more to better configure the encryption tools they deploy so that they make surveillance expensive and difficult.
In this podcast recorded at RSA Conference 2014, Jason Sabin, VP of Research & Development at DigiCert, discusses how SSL is the most important defense against unwanted surveillance, but it must be properly implemented.
The truth is that, many professionals do not deal with SSL certificates on a regular basis, and not all are up to date on the latest best practices. These pros usually wear many hats, and installing SSL is just one of them. SSL is more than procurement and installation – configuration matters, and if not done right, can open up vulnerabilities.
Using the tool, administrators can:
- Quickly find all SSL certificates and endpoints on their network
- Discover vulnerabilities (such as weak keys, ciphers vulnerable to attacks, mismatched names)
- Access a list of recommended remediation steps that the tool provides for each detected vulnerability
- Renew expiring certificates through an express provisioning process
- Keep snapshots of each detection event to monitor progress & optimize their SSL environment.