Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Certificate Assessor Helps Close Doors on Flame

Venafi : 04 July, 2012  (New Product)
Venafi has made MD5 Certificate Assessor to help organisations identify week certification and remedy the problem before falling victim to Flame attacks
Certificate Assessor Helps Close Doors on Flame
Statistical data gathered by Venafi, a provider of enterprise key and certificate management (EKCM) solutions, indicates that nearly all Global 2000 organisations have deployed weak, easily-hacked MD5-signed certificates in their environments. MD5 is the broken certificate-signing algorithm used by Microsoft, which allowed hackers to bypass Microsoft security and infect thousands of computers with Flame malware. Once infected, Flame was able to gather sensitive information from the targeted devices.

Enterprises need to proactively defend their global networks against breaches that result from weak security by locating and replacing all vulnerable, MD5-signed certificates. To do this, organisations can download Venafi MD5 Certificate Assessor, an easy-to-install and cost-free software solution that scans the network to:

* Identify all digital certificates deployed on the network
* Locate all MD5-signed certificates and highlight where they are
* Identify encryption keys that are out of compliance and assess their strengths and weaknesses
* Assess certificate validity periods that are creating the greatest risk
* Determine each certificate’s issuing certificate authority (CA)

Global 2000 Network Scan Methodology and Findings

Scans performed on the internal and external networks of 450 Global 2000 companies were conducted with Venafi Assessor and Venafi Encryption Director 6, which are patented, Gartner Cool Vendor technologies that automatically identify weak digital certificate and encryption keys. Specifically, scans revealed:

* All networks scanned had varying levels of certificates signed with MD5
* Some had as many as 78 percent of their internal certificates signed with MD5
* Overall, 17.4 percent of scanned internal and external certificates were signed with MD5

"The risks are no longer hypothetical," said Jeff Hudson, Venafi CEO. "MD5 certificates were the open door that allowed Flame to penetrate networks and gather information. Microsoft closed their door by issuing a security patch. Your door, however, remains wide open. Intrusion detection systems, firewalls, antivirus and other security measures do not address these open doors on your network. Organisations need to take specific action immediately to remove MD5.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo