Onevinn PKI Auto-Revoke

We at Onevinn have worked with PKI since the inception of our company more than a decade ago. Over the years we have realized that one task in an PKI implementation almost never gets enough attention ant therefore is almost never performed, and that is certificate revocation (blacklisting), when a person quits, a computer/device gets lost or a potential compromise has occurred.

This in addition to stricter GDPR regulations has inspired us to take action and develop a service that will perform this task so the customer doesn't have to worry about this security issue and potential GDPR violation.

Our approach to solving this problem is the Onevinn PKI Auto Revoke service. What this service does is to, according to your on-premise Active Directory user and computer/device state (active/inactive resp enabled/disabled), revoke certificate in near real-time (configurable).

Example 1: A person quits their job at Company X resulting in a request to a Company Administrator to disable his/her account in Active Directory (or in Azure which gets synced to on-prem Active Directory).
This change in Active Directory in turn will get picked up by Onevinn PKI Auto Revoke and make sure that all certificates that belong to this user are revoked (permanently or temporary depending on configuration).

Example 2: A device goes missing at Company X resulting in a request to a Company Administrator to disable the device in Active Directory (or in Azure which gets synced to on-prem Active Directory).
This change in Active Directory in turn will get picked up by Onevinn PKI Auto Revoke and make sure that all certificates that belong to this device are revoked (permanently or temporary depending on configuration).

Below is a little technical demo

More information can be found here!

Is you have any questions or want to find out more or even run a demo, don't hesitate to contact us!