AppViewX Releases Risk Readiness Assessment Capabilities for Google’s 90-Day TLS Certificate Validity Proposal
April 10, 2024

AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Google’s proposed 90-day TLS certificate validity policy.

AppViewX CERT+ provides visibility, automation and control to manage both public and private trust certificates so organizations can minimize disruption, enhance their overall cybersecurity posture and adapt to the coming changes that will reduce maximum TLS certificate validity from 398 days to 90 days.

Google's proposed policy, likely to be implemented in late 2024, poses a substantial challenge for organizations of all sizes, particularly those with a large number of public trust certificates. It will force organizations to renew their TLS certificates every three months down from the current thirteen month validity period. This change, meant to increase cybersecurity protection and defense in depth against bad actors, will put tremendous stress on PKI, IT operations and security teams, and increase the risk of application and service disruptions due to expired certificates.

In a recent Forrester research study, 58% of organizations that suffered a data breach attributed the cause to avoidable certificate management issues. Additionally, many enterprise organizations continue to suffer application and service outages due to expired certificates, such as the Starlink incident in 2023.

“Google's 90-day TLS certificate expiration policy ensures better security processes by highlighting the need for reduced validity periods via automation. Without certificate lifecycle automation, enterprises will face operational challenges in managing digital certificates at scale with on-time renewals,” said Gregory Webb, CEO of AppViewX. “Our new Google 90-Day TLS readiness functionality enables businesses to inventory their entire certificate estate while providing the automation readiness for a seamless transition to the new policy via certificate revocation, issuance and reprovisioning in order to avoid potentially disruptive events.”

The AppViewX CERT+ Google 90-Day TLS Readiness Capability provides the following benefits at no additional cost to customers to help them identify and renew certificates before they expire, validate domain ownership, and understand their risk:

- Discovery, Inventory and Analysis: Performs a thorough discovery of existing public TLS certificates (from various sources such as network and device scans, CT logs, CA repositories and 3rd party inventories), creates a comprehensive inventory and provides analysis to determine the potential impact of the new 90-day renewal policy.

- Security and Risk Assessment: Identifies heightened security risks and operational challenges created by the shortened certificate lifespan.

- Compliance Check: Ensures that all TLS certificates and configurations will still be compliant with Google's updated policy before it is approved by the CA/Browser Forum, including security and encryption protocols.

- Automation Readiness: Evaluates the organization's ability to automate the certificate renewal and management process, which is critical for performing the frequent renewals required by Google's policy.

The AppViewX Google 90-Day TLS Readiness Capability is available immediately to all AppViewX customers and partners using the SaaS version of AppViewX CERT+.

Share this

Industry News

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.

April 01, 2025

Platform9 announced that Private Cloud Director Community Edition is generally available.

March 31, 2025

Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.

March 31, 2025

CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.