Security News > 2020 > July > The crypto-agility mandate, and how to get there

The crypto-agility mandate, and how to get there
2020-07-13 05:21

This is accomplished by tracking down every digital certificate deployed across the organization and capturing details including algorithms and their size, the type of hashing/signature, validity period, where it's located and how it can be used.

Once you have a complete inventory, you'll then need to identify the vulnerable certificates by the type of cryptography in use and look for anomalies and potential problems.

These can include certificates that use wildcards or IP address, certificates located on unauthorized or unintended systems as well as certificates abandoned on deprecated systems.

Finding your certificates and vulnerability isn't enough by itself to deliver crypto-agility - you're still looking at the aforementioned 15-month-long process if you need to swap everything out manually.

The ideal solution here is a fully automated Certificate Management Systems that will manage the entire lifecycle of a certificate from creation to renewal.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/W4cRSlI8Hn4/