Contact Us

EZMonitor How It Works

Request Demo

How Certificate Transparency Logs Work

After a compromised Certificate Authority was used to attack Google customers, Google pushed the industry to create Certificate Transparency logs. Each publicly trusted certificate must be registered in these logs by the certificate authority for it to be trusted by a web browser. Enabling organizations to monitor the logs and detect any certificate that was not issued by the organization.

1

An domain owner requests a certificate

2

The Certificate Authority registers the certificate in multiple certificate transparency log providers

3

The issued certificate is returned to the domain owner to be installed in their web servers

image

How EZMonitor Works

EZMonitor enables you to monitor and detect all publicly trusted TLS/SSL certificates by scanning and indexing Certificate Transparency Logs. EZMonitor uses the information gathered from scanning the more than 10 million certificates that are created on a daily basis and creates an easy to use health dashboard where you can see your organization's SSL health. EZMonitor also uses intelligence to detect and alert on anomalies that could affect your organization's reputation either by causing an outage or enabling an attack.

image

Detect Unauthorized Certificate Issuance

Unauthorized issued certificates can rage from a developer in your organization not following your approved certificate issuance process and issuing a certificate through another provider, to an attacker compromising a certificate authority and issuing a rogue certificate on behalf of your organization. EZMonitor enables you to monitor all certificates issued for your organization and detect any unauthorized certificate issuance.


Detect Expiring Certificates Before They Cause an Outage

Over the past few years, over 80% of companies have reported a certificate related outage, this includes high profile outages such as Epic Games 2021 outage. EZMonitor helps you prevent SSL related outages by alerting on certificates near expiration date that have not been renewed. EZMonitor will also scans your organization's publicly available endpoints and will alert on any endpoint where a new certificate has not been installed.


Monitor Sub Domains

With the growth of the cloud and sites being more dynamic sub-domain takeover has dramatically increased over the past few years. Domain takeover occurs when a DNS entry for a subdomain is not removed from the DNS record when the site is no longer used. This enables attackers to create a site on that resource and impersonate your organization. EZMonitor scans your subdomains and alerts you if any dangling DNS entry pointing to a cloud resource is found. Watch our webinar where we talk about how EZMonitor found over 30,000 vulnerable Azure domains in it's first month of operation.


Phishing Detection

With phishing attacks on the rise, attackers are getting more creative in how to impersonate your organization. A popular method of impersonating companies is by creating a sub-domain containing your domain such as: your_domain.com.hackers_domain.com making your user believe that it is a valid domain since it starts with your_domain.com. EZMonitor actively monitors the web and alerts you if a certificate containing your domain is detected.


Automated SSL Expert

Keeping up with the latest SSL security news and best practices is a full time job. EZMonitor keeps up with the latest SSL news such as the 2021 Let's Encrypt misconfiguration If a misconfiguration is detected in one of your domains, EZMonitor alerts you with detailed step by step actions you must take to keep your organization secure and compliant.



How EZMonitor Internal Network Scan Works

EZMonitor also enables you to gain visibility into your private certificates by scanning the internal network of your organization. EZMonitor internal network scan requires you to run our scanning agent from a Windows machine. To ensure the agent detects as many certificates as possible, EZMonitor has three scanning features:


Active Directory Certificate Services (ADCS) Certificate Download

This function contacts your ADCS Certificate Authority and downloads all the certificates issued by that CA and uploads them to EZMonitor. EZMonitor then uses our cloud intelligence alert you on any certificate errors that might cause an outage.


Active Directory DNS Lookup

While EZMonitor enables you to add a list of domains to monitor, it is not always possible to add and maintain all the domains in your organization. EZMonitor uses Active Directory DNS lookup to find all the domains that are hosted on your organization and will automatically add them to the scanning range, ensuring all your domains are scanned.


Network Scan

EZMonitor scanning agent will get the list of domains that has been created by: manual upload, ADCS certificate download, and AD DNS lookup. EZMonitor will then scan all the domains and will alert you on any SSL issue detected on the network.

Secure Your SSL Endpoints in Minutes

Get a Free SSL health Assessment

Talk to one of SSL experts on how EZMonitor can protect your organization while preventing a costly outage. Schedule Free Assessment