Research

Public SSL Certificate Monitoring Reports

SSL Certificate Monitoring Survey
Detecting Fraudulent SSL Usage on the Internet

CSS Research offers continuous oversight and threat intelligence insights on the digital certificates used to secure SSL/TLS connections across the Internet

 alt=



Public SSL Scanner

 *Reports are generated bi-monthly.

What we’re doing

Certified Security Solutions (CSS) has invested in an effort to gain continual oversight of the digital certificates used to secure SSL/TLS connections on the Internet. To do this, we have created a system we call the Certificate Spider, which is designed to make HTTPS connections to systems on the Internet to obtain information about these certificates. The Certificate Spider initiates an SSL handshake, obtains the certificates used to secure the transaction, issues an HTTP GET Robots.txt in order to provide a browser agent and identify ourselves, and makes no further inquiry of the system.

Why we’re doing it

Digital certificates form the basis for secure identity and enable secure e-commerce on the Internet. As with identities in the physical world, there can be dire consequences if someone impersonates an organization on the Internet, or uses falsified identification. However, SSL and the global Public Key Infrastructure (PKI) community is facing an unprecedented series of security challenges and attacks against this basis of trust. Fraudulently issued or fake certificates have become a significant security risk to organizations large and small, and even to the public at large, and can become the basis of phishing attacks, identity theft, and corporate espionage.

CSS is committed to helping secure the Internet SSL/TLS and PKI community by continually combing the Internet for fraudulent certificates.

This work is being done in preparation for participation in the Google-sponsored Certificate Transparency project.

What we’re NOT doing

CSS has not – and will not – make use of these SSL connections to perform network scanning actions such as penetration testing, cipher suite analysis, or vulnerability tests (e.g. Heartbleed, FREAK, etc.). Our goal is simply to obtain publicly-available certificate data as reflected in the reports above.

For More Information...

If you have questions or concerns, please send an email to research@css-security.com and we will be happy to further discuss the details of this research.

Custom sample SSL/TLS certificate reports are available at zero cost for your company, please also contact research@css-security.com, or click below to submit your request.

Request a Sample Report

For More Information

If you have questions or concerns, please send an email to research@css-security.com and we will be happy to further discuss the details of this research.

Custom sample SSL/TLS certificate reports are available at zero cost for your company, please also contact research@css-security.com, or click below to submit your request.

Request your custom SSL TLS certificate report