Cert Spotter tracks your organization's certificates to enhance your reliability and security.
How Cert Spotter Helps
Avoid costly outages
Expired certificates can bring down critical systems and cause costly disruptions that harm your business and reputation. Cert Spotter tracks your certificates and manages them centrally, so you know about expirations before they happen.
Even if you have a centralized certificate procurement process, an employee can bypass your process and deploy a free certificate on their own. Cert Spotter helps you track down these undocumented certificates and bring them under centralized control.
Protect your data and reputation
There are hundreds of certificate authorities that are trusted to issue certificates for any domain on the Internet. Even if you use Extended Validation or High Assurance certificates from a top-tier certificate authority, an attacker can exploit a less rigorous certificate authority to obtain fraudulent certificates for your domain. Fraudulent certificates can be used to impersonate your site and steal your customers' data, leading to long-term business and reputational costs.
Domain shadowing is a tactic used by scammers to deliver malware using your domain and reputation. After compromising your domain name registrar, attackers set up a sub-domain, obtain a certificate for it, and use it to host their malware. It can severely tarnish your reputation and affect your search engine rankings if your brand becomes associated with malware.
Cert Spotter monitors Certificate Transparency logs for certificates for your domains, so you can detect unauthorized certificates early and stop the damage to your business.
Ensure policy compliance
Even if you require the use of a particular certificate authority or type of certificate, there is no technical restriction to stop an employee or contractor from obtaining a cheap or free certificate on their own. Cert Spotter watches for certificates for your domain so you know when a certificate is issued that violates your policy.
Keep tabs on your infrastructure providers
When you outsource your infrastructure, you outsource the authority to obtain certificates for your domain. Certificates obtained by your infrastructure providers can remain valid even after you terminate your relationship with them. Maintaining visibility into your providers' practices is essential for protecting your security and reputation.
A CDN provider might acquire a certificate for your domain that's shared with dozens of unrelated domains, including domains for competitors or unsavory websites. Association with such websites can harm your reputation and create public embarrassment for your brand, as Senator Ted Cruz learned when his CDN provider placed his campaign website on the same certificate as "nigerian-prince.com".
Cert Spotter provides the visibility you need to assess security and reputational impacts and revoke certificates as necessary.