Cryptographic Assessment
Ensure data remains protected, even if intercepted, by managing cryptographic keys and algorithms effectively, which prevents breaches that could expose sensitive information, disrupt operations, and cause outages.
What is a Cryptographic Assessment?
Understanding and controlling an organisation's cryptographic elements acts as a vital line of defence against cyberattacks and service outages. Encryption scrambles data, making it unreadable to unauthorised users.
By managing cryptographic keys and algorithms effectively, you ensure data remains protected even if intercepted. This prevents breaches that could expose sensitive information, disrupt operations, and cause outages. Additionally, strong cryptography thwarts attempts to manipulate data, safeguarding the integrity of your systems and preventing attackers from tampering with critical processes that could lead to service disruptions and data leakage.
What we do
Utilising both agent and agentless approaches, we deploy services and undertake network and endpoint scans. The powerful scanning application of the endpoint agent undertakes complete enumeration of the whole file system and assesses all binary objects on the device.
Network scanning provides information on services using cryptographic protocols and retrieves the certificate information accordingly, providing Customers with a complete inventory of all cryptographic certificates and keys used within the environment.
Key Features of a Cryptographic Assessment
Assistance with deploying the solution and scheduling of the scans to build, analyse and report for the assessment.
Certificate expiry dates – prevent service outages.
Cryptographic inventory.
Identify expired certificates.
Ciphers.
Algorithms.
Chain validity – untrusted certificates.
Revocation status.
Key discovery: SSH and PGP keys, both public and private.
Key length.
Subject / Issuer information including country of origin.
Self-signed certificates.
Subject Alternate Names.
Certificate Authority (CA) status.
Certificate thumbprints, both SHA1 and SHA2.
Associated software related to certificates including certificates used for code signing.
Untrusted software identification.
Keystore discovery and default credential check.
Identifies those keystores with default credentials left unprotected.
Identifies path of keystores located.
Discover fake certificates (zero false positives).
Key Benefits of a Cryptographic Assessment
Prevent Service Outages
Identify expiring certificates before they cause disruptions.
Complete Cryptographic Inventory
Gain a comprehensive list of all cryptographic elements within the organisation.
Enhanced Security Posture
Identify weak ciphers and algorithms for remediation. Detect untrusted certificates that could compromise security. Verify certificate revocation status to ensure their validity.
Improved Key Management
Discover SSH and PGP keys (public and private) for better control and to help prevent an attacker's lateral movement. Identify self-signed certificates for internal compliance.
Detailed Certificate Information
View subject/issuer details and country of origin for certificates. Identify certificates used for code signing.
Untrusted Software Detection
Uncover applications that may pose security risks from this completely unique view.
Secure Keystore Practices
Find keystores with default credentials, a security weakness. Locate keystore storage paths for improved management.
Fake Certificate Detection
Identify fake certificates with zero false positives.
Regulatory Compliance
Understand where you may be failing regulatory compliance due to usage of weak or vulnerable protocols and ciphers.