AppViewX Releases Risk Readiness Assessment Capabilities for Google’s 90-Day TLS Certificate Validity Proposal
April 10, 2024

AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Google’s proposed 90-day TLS certificate validity policy.

AppViewX CERT+ provides visibility, automation and control to manage both public and private trust certificates so organizations can minimize disruption, enhance their overall cybersecurity posture and adapt to the coming changes that will reduce maximum TLS certificate validity from 398 days to 90 days.

Google's proposed policy, likely to be implemented in late 2024, poses a substantial challenge for organizations of all sizes, particularly those with a large number of public trust certificates. It will force organizations to renew their TLS certificates every three months down from the current thirteen month validity period. This change, meant to increase cybersecurity protection and defense in depth against bad actors, will put tremendous stress on PKI, IT operations and security teams, and increase the risk of application and service disruptions due to expired certificates.

In a recent Forrester research study, 58% of organizations that suffered a data breach attributed the cause to avoidable certificate management issues. Additionally, many enterprise organizations continue to suffer application and service outages due to expired certificates, such as the Starlink incident in 2023.

“Google's 90-day TLS certificate expiration policy ensures better security processes by highlighting the need for reduced validity periods via automation. Without certificate lifecycle automation, enterprises will face operational challenges in managing digital certificates at scale with on-time renewals,” said Gregory Webb, CEO of AppViewX. “Our new Google 90-Day TLS readiness functionality enables businesses to inventory their entire certificate estate while providing the automation readiness for a seamless transition to the new policy via certificate revocation, issuance and reprovisioning in order to avoid potentially disruptive events.”

The AppViewX CERT+ Google 90-Day TLS Readiness Capability provides the following benefits at no additional cost to customers to help them identify and renew certificates before they expire, validate domain ownership, and understand their risk:

- Discovery, Inventory and Analysis: Performs a thorough discovery of existing public TLS certificates (from various sources such as network and device scans, CT logs, CA repositories and 3rd party inventories), creates a comprehensive inventory and provides analysis to determine the potential impact of the new 90-day renewal policy.

- Security and Risk Assessment: Identifies heightened security risks and operational challenges created by the shortened certificate lifespan.

- Compliance Check: Ensures that all TLS certificates and configurations will still be compliant with Google's updated policy before it is approved by the CA/Browser Forum, including security and encryption protocols.

- Automation Readiness: Evaluates the organization's ability to automate the certificate renewal and management process, which is critical for performing the frequent renewals required by Google's policy.

The AppViewX Google 90-Day TLS Readiness Capability is available immediately to all AppViewX customers and partners using the SaaS version of AppViewX CERT+.

Share this

Industry News

May 16, 2024

Pegasystems announced the general availability of Pega Infinity ’24.1™.

May 16, 2024

Mend.io and Sysdig unveiled a joint solution to help developers, DevOps, and security teams accelerate secure software delivery from development to deployment.

May 16, 2024

GitLab announced new innovations in GitLab 17 to streamline how organizations build, test, secure, and deploy software.

May 16, 2024

Kobiton announced the beta release of mobile test management, a new feature within its test automation platform.

May 15, 2024

Gearset announced its new CI/CD solution, Long Term Projects in Pipelines.

May 15, 2024

Rafay Systems has extended the capabilities of its enterprise PaaS for modern infrastructure to support graphics processing unit- (GPU-) based workloads.

May 15, 2024

NodeScript, a free, low-code developer environment for workflow automation and API integration, is released by UBIO.

May 14, 2024

IBM announced IBM Test Accelerator for Z, a solution designed to revolutionize testing on IBM Z, a tool that expedites the shift-left approach, fostering smooth collaboration between z/OS developers and testers.

May 14, 2024

StreamNative launched Ursa, a Kafka-compatible data streaming engine built on top of lakehouse storage.

May 14, 2024

GitKraken acquired code health innovator, CodeSee.

May 13, 2024

ServiceNow introduced a new no‑code development studio and new automation capabilities to accelerate and scale digital transformation across the enterprise.

May 13, 2024

Security Innovation has added new skills assessments to its Base Camp training platform for software security training.

May 13, 2024

CAST introduced CAST Highlight Extensions Marketplace — an integrated marketplace for the software intelligence product where users can effortlessly browse and download a diverse range of extensions and plugins.

May 09, 2024

Red Hat and Elastic announced an expanded collaboration to deliver next-generation search experiences supporting retrieval augmented generation (RAG) patterns using Elasticsearch as a preferred vector database solution integrated on Red Hat OpenShift AI.

May 09, 2024

Traceable AI announced an Early Access Program for its new Generative AI API Security capabilities.