Cryptographic Assessment

Ensure data remains protected, even if intercepted, by managing cryptographic keys and algorithms effectively, which prevents breaches that could expose sensitive information, disrupt operations, and cause outages.

Contact Us

What is a Crpytographic Assessment?

Understanding and controlling an organisation's cryptographic elements acts as a vital line of defence against cyberattacks and service outages. Encryption scrambles data, making it humanly unreadable to unauthorised users.


By managing cryptographic keys and algorithms effectively, you ensure data remains protected even if intercepted. This prevents breaches that could expose sensitive information, disrupt operations, and cause outages. Additionally, strong cryptography thwarts attempts to manipulate data, safeguarding the integrity of your systems and preventing attackers from tampering with critical processes that could lead to service disruptions and data leakage.

What we do

Utilising both agent and agentless approaches, we deploy services and undertake network and endpoint scans. The powerful scanning application of the endpoint agent undertakes complete enumeration of the whole file system and assesses all binary objects on the device.


Network scanning provides information on services using cryptographic protocols and retrieves the certificate information, accordingly, providing Customers with a complete inventory of all cryptographic certificates and keys used within the environment.


Key Features of a Cryptographic Assessment

Assistance with deploying the solution and scheduling of the scans to build, analyse and report for the assessment.

Certificate expiry dates – prevent service outages.

Cryptographic inventory.

Identify expired certificates.

Ciphers.

Algorithms.

Chain validity – untrusted certificates.

Revocation status.

Key discovery, types SSH and PGP keys both public and private.

Key length.

Subject / Issuer information including country of origin.

Self-signed certificates.

Subject Alternate Names.

Certificate Authority (CA) status.

Thumbprint both SHA1 and SHA2 of the certificates.

Associated software related to certificates including certificates used for code signing.

Untrusted software identification.

Keystore discovery and default credential check.

Identifies those keystores with default credentials left unprotected.

Identifies path of keystores located.

Discover fake certificates (zero false positives).

Self-signed certificates.

Key Benefits of a Cryptographic Assessment

Prevent Service Outages

Identify expiring certificates before they cause disruptions.

Complete Cryptographic Inventory

Gain a comprehensive list of all cryptographic elements within the organisation.

Enhanced Security Posture

Identify weak ciphers and algorithms for remediation. Detect untrusted certificates that could compromise security. Verify certificate revocation status to ensure their validity.

Improved Key Management

Discover SSH and PGP keys (Public & Private) for better control and help prevent lateral movement of an attacker. Identify selfsigned certificates for internal compliance.

Detailed Certificate Information

View subject/issuer details and country of origin for certificates. Identify certificates used for code signing.

Untrusted Software Detection

Uncover applications that may pose security risks from this completely unique view.

Secure Keystore Practices

Find keystores with default credentials, a security weakness. Locate keystore storage paths for improved management.

Fake Certificate Detection

Identify fake certificates with zero false positives.

Regulatory Compliance:

Understand where you may be failing regulatory compliance due to usage of weak or vulnerable protocols and ciphers.

Ready to Evolve your Business?

Contact Us