Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Certificate Expiration Status

by Cody Dumont
November 18, 2016

With the ever-expanding need for encryption and the complexity PKI brings to the table, tracking certificate expiry dates becomes more challenging. Tenable SecurityCenter can monitor certificate usage and expiration dates using active and passive detection through log correlation. This dashboard provides a concise view of systems and the expiration date of any identified certificates. 

In some environments there are often several groups within the organization purchasing certificates. Unfortunate scenarios can occur, such as certificates which are lost with a change of personnel. Additional risks to the organization can be certificates getting lost or certificates that are not part of the monitoring process.  For example, if an organization purchased a wild card certificate, the organization may not keep track of all the systems where the certificate is installed. Organizations also need to be aware of threats such as Man in the Middle (MitM) attacks that rely on users blindly accepting invalid certificates. Gaining a thorough understanding to the risk posed by expired certificates is a constant struggle for security operation teams. 

The components in this dashboard use regular expression matching to identify certification expiration date fields, which are collected when secure network traffic is detected. The components are broken down by month for the years 2016 to 2023. For subsequent years there is a summary component.  Listed below are just a few of the plugins that are matched using the regular expression filter. Showing the flexibility of SecurityCenter, any new plugins that are created which have “Certificate” in the plugin name, an expiration date, or date range will be also be added to the results of the dashboard queries. 

  • SSL Expired Certificate Detection (7036)
  • SSL Certificate Expiration Date Detection (7052)
  • SSL/TLS Certificate Validity Dates Detection (7126)
  • SSL Certificate Information (10863)
  • SSL Certificate Expiry (15901)
  • SSL Certificate Expiry - Future Expiry (42981)
  • SSL Certificate Cannot Be Trusted (51192)
  • SSL Certificate Chain Contains Certificates Expiring Soon (83298)

The dashboard and its components are available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets.  The dashboard can be easily located in the SecurityCenter Feed under the category Monitoring.  The dashboard requirements are:

  • SecurityCenter 4.8.2
  • Nessus 6.8.1
  • PVS 5.1.0
  • LCE 4.8.1

One of Tenable’s goals is to help secure the future of organizations with continuous visibility and continuous context, so our customers can take decisive actions and achieve security assurance. To achieve this goal SecurityCenter CV helps to improve visibility, by resolving uncertainty and eliminating blind spots such as expired certificates in the organization. SecurityCenter CV helps organizations to understand the context of the security risks, remove complexity of risk analysis, and prioritize threats.  Allowing security operations teams to take action and make smarter decisions helps reduce risk exposure and loss. With SecurityCenter CV, customers can transform their security with continuous visibility and critical context, enabling decisive actions to protect their organizations.

Components

Summary Matrices - There are two matrices that provide a summary view of certificates that expire by the years of expiry. Each cell will identify systems using the plugin name and regular expression (regex) in the vulnerability text. The regex looks for expiration dates found in the certificates. When the indicator turns purple, there are systems with at least one certificate that expires in the respective year.  The first matrix is for years 2016 - 2024, the second matrix is 2025 - 2033.

Matrix by Year - The dashboard provides 8 matrix components each for the years (2016 - 2023), that provide a detailed view of system counts with certificates that expire during the respective year, separated by day and month. The filters in this matrix use regular expressions (regex), to provide the security operations team with a detailed view of the systems that have certificates and the date the certificate expires. When a match is found, the cell will turn purple and display a host count. As time progresses, the analyst may want to change the cell color to red to indicate a date that has passed to indicate a greater risk.

Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.