AWS IoT Device Defender now supports audit check of revoked intermediate Certificate Authority
[AWS IoT Device Defender](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender.html), a fully managed service for auditing and monitoring devices connected to AWS IoT, now supports a new audit check for revoked intermediate Certificate Authority (CA). If a CA revokes an intermediate CA because it is potentially compromised, then all certificates issued by that intermediate CA are also potentially compromised and invalid. This new audit check identifies active device certificates issued by a revoked intermediate CA, and helps customers review and replace these active device certificates.
To use this feature, enable the new audit check in the [Device Defender audit section](https://console.aws.amazon.com/iot/home?region=us-west-2#/dd/auditIntro). If you have not enabled Device Defender audit, you can do so with [one click on Device Defender](https://console.aws.amazon.com/iot/home?#/dd/auditIntro) to help secure your IoT devices. If the CA certificates have an issuer endpoint declared in an X.509 extension, this audit check identifies the revoked intermediate CAs and reports the active device certificates issued by them. You can disable a compromised device certificate using a pre-built mitigation action, or initiate a custom mitigation through a Lambda function. For more detail, see the documentation for the [Device Defender audit CA check](https://docs.aws.amazon.com/iot/latest/developerguide/audit-chk-active-intermediary-device-revoked-CA.html). This feature is available in all regions where AWS IoT Device Defender is available.
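The selection logic described above can be modelled locally over a certificate inventory. The following is an added example, not AWS code or the service's implementation; the record fields, IDs and function names are constructed, and it assumes each CA's revocation status has already been resolved. It goes one step beyond the announcement by walking the whole issuer chain, so a device certificate issued by a subordinate of a revoked intermediate is flagged as well.

```python
# Added illustration: a local model of the check, not the Device Defender implementation.
# Field names, IDs and sample records are constructed for this example.

def revoked_intermediate_in_chain(ca_id, cas):
    """Walk issuer links toward the root; return the first revoked intermediate CA."""
    seen = set()
    while ca_id in cas and ca_id not in seen:   # stops on unknown issuer or a loop
        seen.add(ca_id)
        ca = cas[ca_id]
        is_intermediate = ca["issuer"] is not None  # a root has no issuer here
        if ca["revoked"] and is_intermediate:
            return ca_id
        ca_id = ca["issuer"]
    return None

def audit(device_certs, cas):
    """Report ACTIVE device certificates that chain to a revoked intermediate CA."""
    findings = []
    for cert in device_certs:
        if cert["status"] != "ACTIVE":          # inactive certs cannot authenticate
            continue
        hit = revoked_intermediate_in_chain(cert["issuer"], cas)
        if hit is not None:
            findings.append({"certificateId": cert["id"], "revokedCa": hit})
    return findings

# Constructed inventory: one root, a revoked intermediate with a subordinate CA,
# and a healthy intermediate.
CAS = {
    "root-ca":   {"issuer": None,      "revoked": False},
    "int-a":     {"issuer": "root-ca", "revoked": True},
    "int-a-sub": {"issuer": "int-a",   "revoked": False},
    "int-b":     {"issuer": "root-ca", "revoked": False},
}
DEVICE_CERTS = [
    {"id": "dev-001", "status": "ACTIVE",   "issuer": "int-a"},
    {"id": "dev-002", "status": "ACTIVE",   "issuer": "int-a-sub"},
    {"id": "dev-003", "status": "INACTIVE", "issuer": "int-a"},
    {"id": "dev-004", "status": "ACTIVE",   "issuer": "int-b"},
    {"id": "dev-005", "status": "ACTIVE",   "issuer": "unknown-ca"},
]

if __name__ == "__main__":
    for finding in audit(DEVICE_CERTS, CAS):
        print(finding)
```

Certificates whose issuer is missing from the inventory (`dev-005` here) produce no finding, so an incomplete CA registry should be treated as a coverage gap rather than a clean result.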