Virtual Event Today: Cyber AI & Automation Summit - Register/Login Now
Connect with us

Hi, what are you looking for?


Security Architecture

Facebook Launches Certificate Transparency Monitoring Tool

Facebook has launched a free online tool, named Certificate Transparency Monitoring, that allows users to obtain information on the digital certificates issued for a specified domain.

Facebook has launched a free online tool, named Certificate Transparency Monitoring, that allows users to obtain information on the digital certificates issued for a specified domain.

Google’s Certificate Transparency (CT) project provides an open framework for monitoring and auditing TLS certificates in near real time in an effort to help organizations detect malicious or mistakenly-issued certificates.

Facebook has been running a CT monitoring service of its own since last year and it has now decided to make it available to the public.

The social media giant continuously checks the major public CT logs for certificates issued on behalf of its domains, and in the process it collects certificate information from various certificate authorities (CAs).

Through its Certificate Transparency Monitoring tool, the company wants to provide users access to the data it has collected and allow them to monitor domains that are of interest. In addition to searching for certificates associated with a specified domain, users can subscribe to a domain and Facebook will notify them via email if new certificates are identified.

“Certificate Authorities issue hundreds of certificates every minute, but by using Facebook infrastructure, we can quickly process large amounts of data and provide a reliable and efficient search function for certificates listed for a domain,” explained Bartosz Niemczura, a software engineer on Facebook’s product security team.

Niemczura pointed out that since CT logs are public information, the tool can be used by anyone, not just webmasters. However, he cautioned that not all certificates are submitted to CT logs.

“Facebook’s support for Certificate Transparency is a great step forward,” Kevin Bocek, VP of Security Strategy and Threat Intelligence for Venafi, told SecurityWeek. “Cryptographic keys and digital certificates provide the foundations of trust and privacy for the global economy yet we blindly trust them. Facebook’s new certificate transparency monitoring is one more sign the world is finally waking up to the problem of certificate abuse.”

Advertisement. Scroll to continue reading.

“The ultimate goal of certificate transparency is to stop abuse of issuance – a key concern with the rise of free certificate offerings like Let’s Encrypt. As enterprises finally acknowledge the impact of digital certificate abuse and theft, they’re increasingly turning to Certificate Reputation, which builds upon certificate transparency and empowers businesses to actively decide which certificates should be trusted,” Bocek added. “As we look towards 2017, I expect – and hope – to see more new innovations like this to solve the problem of malicious certificate use.”

This is not the only tool released by Facebook in recent months. In September, the company announced the availability of a Windows version for Osquery, an instrumentation framework designed for exploring operating systems via SQL-based queries.

Related: Chrome’s Certificate Transparency to Become Mandatory

Related: Google to Distrust WoSign, StartCom Certificates

Related: Google Adds Certificate Transparency Log for Untrusted CAs

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...


Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...