TL; DR: Companies have a host of resources to worry about within their systems. And most of the time, they don’t even know that vulnerabilities exist. This is where DigiCert steps in. DigiCert helps protect users from cyber threats by providing companies with security solutions in the areas of SSL, PKI, and IoT, among others. We spoke with Brian Trzupek, Senior Vice President of Product at DigiCert, about how the platform allows users to monitor their infrastructure systems and establish zero trust.
Many threats live on the internet, waiting to attack unsuspecting users. New vulnerabilities, brought on by new technologies, have not made it any easier. Similar to how viruses mutate to survive in a host’s body, bad actors constantly change their tactics to thrive in new environments. Businesses onboarding more software have made these vulnerabilities more substantial, giving bad actors new entry points to borrow deeper into their infrastructure systems.
Sounds scary, right? The consequences of these attacks are real and can include a crippling reputation or a dramatic revenue loss. Businesses can lose control of their infrastructure and suffer irreparable damage from downtime. Companies looking to take proactive steps to protect their overarching systems from cyberattacks can start by gaining visibility through their work with DigiCert.
“We’re the leading global provider of digital trust. So we’re focused on providing users and organizations the confidence to engage in a digitally connected world. Our technology is the foundational layer for zero trust in all our digital interactions,” said Brian Trzupek, Senior Vice President of Product at DigiCert.
As a leader in digital trust, DigiCert is much more than a certificate authority. The company focuses on the many use cases requiring digital trust and provides a platform, DigiCert ONE, for companies to manage all of their trusted interactions across servers, users, devices, software, and content. Now that companies juggle more software and tools than ever before, DigiCert empowers technology leaders to better manage their tools and remain informed on their software.
Laying the Foundation for Zero Trust
DigiCert began as a certification authority in 2003. The idea for the company spun out of the need for a simpler SSL certification process. Purchasing certificates had many difficulties and required navigating multiple entities to validate one. So DigiCert created a more seamless way to get these certifications.
“From that point, we established these real strong roots for our customer experience. And that exists today. We have a huge support team and frontline people helping all kinds of people around the world,” said Brian.
This need to help people solve real-world problems pushed DigiCert to expand into other security areas. Since the world has become increasingly more interconnected and digital, DigiCert set out to create solutions that could be a foundation for overarching systems.
“We’re managing all those environments for them. It could be a publicly trusted environment, like our DigiCert CA. Or we spin up and create private trust environments for customers where they can create their own trust chains,” said Brian.
DigiCert’s digital trust solutions cover various areas of a company’s infrastructure, including IoT, documents, software, servers, and enterprise IT, among others. Businesses have a lot to manage, and many of these assets can slip through the cracks without proper visibility. DigiCert gives users control over their systems and helps establish zero trust by continuously validating and authenticating resources within the organizations.
“We’re in everything from drill heads in the bottom of the ocean to satellites in outer space. We have technology through that and everything in between. It’s just phenomenal how foundational our technology is to the world,” said Brian.
DigiCert ONE®, the Platform for Digital Trust
Although DigiCert started as a certification authority, its work in PKI and digital trust has helped thousands of companies, including Fortune 500s and SMBs, monitor and secure their systems. The Trust Lifecycle Manager has allowed businesses to reduce risks and gain control over their environments by using a centralized view to manage thousands of certificates from DigiCert or external sources.
“We’re creating an infrastructure that allows them first to inventory everything because you don’t know where it’s coming from. It’s porous and coming into their environment from a million different places and vendors,” said Brian.
The DigiCert Trust Lifecycle Manager includes a filtering view, which enables companies to see not only what they have but also where they can make improvements. A company might have a legacy PKI with vulnerabilities they don’t know about, but DigiCert can notify them and identify solutions to reduce business interruptions.
DigiCert integrates with the customer’s solutions to work in their existing environments. DigiCert also helps companies manage trust in a unified way with automation, deep integrations, turnkey certificate profiles, notifications, and alerts.
“The last mile is the automation side. So now that I’ve got my hands around what I care about and the right people know about it, how will I move it? We’re taking customers on this journey to automate everything. Identify, notify, and then automate,” said Brian.
If a certificate expires or needs updating, DigiCert’s built-in automation makes it easy to update those resources and remain reliable. Plus, its automation is completely flexible. Customers can have a fully automated system or build a semi-automated one where they can review an update before it goes live. DigiCert can also verify identities across organizations to protect against malicious attacks.
“We’re not writing tools and making them. Instead, we’re integrating and putting them together in a unique way where trust and identity can come into that framework. We’re marrying all those pieces together to help people avert some of those challenges,” said Brian.
Adding a Variety of New Platform Integrations
DigiCert helps businesses validate identities, identify vulnerabilities, and resolve security issues by integrating with their environments. DigiCert’s integration framework is the basis for how it interacts with customer environments. And the certification company continues to add more integrations to its platform.
“We’re constantly integrating with more single sign-on vendors and allowing organizations to come into us using their own identity systems and IAM systems to control our platforms, determine provision use, and all those things,” said Brian.
DigiCert will also support more public and private certification authorities as 2023 goes on, adding them for customers who need them. The team expects more integrations will follow suit, including for enterprise ticketing systems, hardware tokens, last-mile technology such as VPNs and mail clients, and SaaS products.
“We just want to make PKI seamless. We don’t want people even know it’s there. Security is just the foundation, and everything’s built on it,” said Brian.
DigiCert’s platform is a valuable solution for companies of any size and function. By leveraging its technology, businesses can better manage their resources and keep a watchful eye on all their systems, from internal and on-prem systems to those at the edge and in the cloud.
“We can help you keep everything automated so that they are up and reliable. And we have world-class validation. So we do all sorts of things with identities, organizations, individuals, businesses, proving they are who they are so that they can participate in larger ecosystems than SSL,” said Brian.