Posted on 11/25/2018 , Alexander Ananiev,
For more details, please refer to our certificate management document.
Best practices list:
- Restrict certificate validity to short periods of time
- Automate certificate renewal/refresh
- Implement certificate validation/revocation mechanism (OSCP)
- Do not use self-signed certs
- Do not use wildcard certs
- Establish and maintain a complete certificate inventory—you must know where each certificate is deployed, its expiration, etc.
- Run frequent endpoint/port scans to detect self-signed and other out-of-policy certificates.
Posted on 11/08/2018 , Alexander Ananiev,
We're incorporating more security reporting/compliance features into DPBuddy and we're also working on a new product related to certificate management.
As part of this work, we're attempting to compile and aggregate best practices related to certificates and key management.