Cryptographic Key Inventory

Where are my keys and certificates? How are they protected?

"Key management is the hardest part of cryptography and often the Achilles' heel of an otherwise secure system."
— Bruce Schneier, Preface to Applied Cryptography, Second Edition.

The majority of security failures in cryptography can be traced to key management errors, such as hard-coded keys, poorly protected credentials, and insecure keystores. The first step in preventing these issues is to have an up-to-date inventory of all your cryptographic keys and certificates.

How do I know what my keys are doing?

Cryptographic key inventory is a list of where all of your cryptographic keys are in the whole of your IT infrastructure across applications, networks and hardware.
It should include information about where keys are stored, what they are doing and who has access to them.

Cryptography Inventory White Paper

How to Build and Maintain a Cryptography Inventory

At Cryptosense, we have followed several of our customers as they create or upgrade their cryptography inventory. We have seen that in practice, every organization’s cryptography inventory will be a little different, depending on how and where cryptography is used relative to the business-critical functions of the organization. Indeed, successful cryptography inventory projects typically apply a different methodology to different parts of the application estate or infrastructure, in order to prioritize resources to the most important areas.

In this whitepaper, we will discuss the lessons learned from these projects and the best practice approaches that will enable you to guide your own cryptography inventory project.

Already registered? Log in here.


As a subscriber to our Knowledge Base, you have free access to all of our white papers, on-demand webinars and more.
Download white paper

Register now

Register for free access to all of our white papers, on-demand webinars and more.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.