DEVOPSdigest

AppViewX announced that the company has entered into a Cooperative Research and Development Agreement (CRADA) with the National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology (NIST), to help organizations address visibility and implementation challenges associated with the TLS 1.3 Project.

The NIST preliminary practice guide for understanding what types of key management-based solutions could be used for achieving TLS 1.3 visibility is available free of charge here.

This project builds upon the NCCoE’s previous project, “TLS Server Certificate Management,” which showed organizations how to centrally monitor and manage their TLS certificates. This latest project will give security and IT professionals the tools they need to gain more visibility into the information being exchanged on their servers and to help them fully adopt TLS 1.3 in their private data centers and in hybrid cloud environments.

“AppViewX is committed to a standards-based approach for all certificate, key and automation use cases whenever possible. For example, we have partnered with Netscout to develop a prototype for the TLS 1.3 visibility challenge that we plan to formalize as an open industry standard,” said Murali Palamisamy, Chief Solutions Officer at AppViewX. “We are pleased to be working with NIST on the TLS 1.3 Project, which dovetails with our Secure Key Orchestration initiative that aims to secure and automate the management of all the encryption keys across distributed and hybrid enterprise environments.”

Transport Layer Security (TLS) certificates ensure secure communication between a client and a server by encrypting all transactions. While it is highly recommended to upgrade to the latest version, TLS 1.3, to strengthen security, organizations are finding it more difficult to implement network visibility strategies because of the forward secrecy process. This collaborative effort will help to address the security implications and visibility challenges of TLS 1.3 protocol changes.

The AppViewX Cloud-native Identity and Security Platform is used by Fortune-ranked organizations across financial services, banking, healthcare, oil and gas, manufacturing, and high tech to reduce cybersecurity risk and meet security compliance requirements. AppViewX CERT+ is a certificate lifecycle management (CLM) solution that automates the discovery, monitoring, analysis, provisioning and orchestration of digital certificates, including SSL/TLS, client and code signing certificates, to eliminate cloud service outages and prevent damaging security breaches. Delivered on-premises, in the cloud or as a service, AppViewX CERT+ is ready-to-consume and highly scalable to meet any organization’s identity governance and cybersecurity strategy.