•  PRODUCTS & SERVICES 
  • Catbird V-Security
    • Catbird V-Security Overview
    • Virtual Security Assessment
    • TrustZones
    • HypervisorShield
    • VMShield
    • Virtual Machine Policy Compliance
    • Virtual Server Sprawl Manager
    • Catbird Compliance
  • Certification/Training (CVSP)
  • Website Security
    • Catbird Pharming Shield
    • Vulnerability Monitoring
    • Website Defacement Monitoring
    • Website Hijacking
    • Web Performance Monitoring
    • DNS Server Monitoring
  • Network Access Control
    • Rogue LAN Monitoring
    • IPS/IDS
    • Network Vulnerability Monitoring
    • Rogue WiFi Monitoring
    • Policy and Trusted Scan
  • Catbird Agents
    • Catbird V-Agent Overview
    • Catbird V-Agent
    • Catbird Pocket V-agent
  • Catbird Compliance
    • HIPAA Compliance
•  PARTNERS 
  • Partner Benefits
  • Become a Partner
  • Partner FAQ
  • Partner Application
  • Partner Login
•  NEWS & EVENTS 
  • Press Releases
  • Events
  • Catbird Blog
  • Security News
  • Videos and Podcasts
•  RESOURCE CENTER 
  • Customer Overview
  • Customer Case Studies
  • White Papers
  • Analysts Reports

Secure Certificate Monitor

How It Works

To keep your customers' online shopping and banking transactions hacker-proof, the Secure Certificate Monitor compares your SSL certificate to the one being used every 2 minutes, from multiple locations across the Internet.

More specifically, Catbird’s Secure Certificate Monitor is a safeguard against BGP poisoning. There are hundreds, if not thousands, of outer edge routers out on the Internet broadcasting BGP routing information to each other. These BGP records change legitimately all of the time, so they are impossible to monitor directly. A man in the middle exploit is one in which a hacker steals part of the traffic headed to your website by poisoning BGP routes and then exchanges a SSL certificate with your customer. The hacker then sends the traffic on to your site, camouflaging the fact that he has already intervened. Now, the bad guys can see secure traffic in its decrypted form, including confidential information such as account numbers and passwords.

An attack like this is particularly insidious as it usually happens without customer or vendor knowledge. Indeed, it may have already happened to you and is a very difficult scheme to protect against. However, the Catbird SSL monitor can detect such sinister activity. One or more of Catbird’s swarm of agents would follow the poisoned path and detect the hackers exploit by checking the accuracy of the secure certificate being exchanged. An SSL certificate is a unique fingerprint. Catbird's Secure Certificate Monitor essentially picks up this fingerprint from the target and then continually compares the results from all over the world. If someone were to change the BGP routing to send traffic to the wrong target, one or more remote Catbird agents routed to this malicious destination would send the alarm. If there is a mismatch, or the connection is not secured, Catbird immediately alerts you via pager or email.

Secure Certificate Data Sheet

Secure Certificate Monitor Overview

866.682.0080 tel
708.221.0401 fax