Skip to main content

Device Trust Manager

DigiCert​​®​​ is a comprehensive security platform that delivers end-to-end protection for IoT devices. By handling the critical security infrastructure, enables OEMs to focus on product innovation rather than the complexities underlying security tasks.

device-trust-manager-challenges_01.png

Device manufacturers encounter significant challenges across the product lifecycle:

  • Design: Navigating complex compliance standards (for example, FIPS 140-2/3, EU CRA) and integrating secure hardware such as TPMs or TEEs.

  • Develop: Addressing software vulnerabilities and ensuring readiness for post-quantum cryptography (PQC).

  • Build: Protecting against counterfeit devices, securely provisioning credentials, and preventing unauthorized software.

  • Deploy: Adapting to evolving threats, managing secure software updates, and enabling zero-touch device deployment.

These challenges demand a robust, lifecycle-wide approach to device security.

device-trust-manager-challenges_02.png

Implementing best practices across the device lifecycle is essential to overcome these challenges. simplifies this process by enabling:

  • Design-phase security: Support for crypto agility and hardware-backed security.

  • Development integrity: Automated software validation and vulnerability scanning.

  • Manufacturing security: Secure credential provisioning and certificate distribution.

  • Operational resilience: Real-time threat monitoring, secure over-the-air updates, and zero-touch provisioning.

By automating and centralizing security tasks, accelerates time-to-market while ensuring compliance and security.

Device Trust Manager benefits

simplifies IoT device management and security by offering the following benefits:

  • Flexible credential provisioning: Easily register devices with existing x.509 certificates, symmetric keys, or have generate credentials for you.

  • Secure registration: Register device credentials individually or in bulk, providing flexibility for various manufacturing workflows.

  • Certificate issuance: Devices can exchange birth credentials for operational x.509 certificates, enabling secure authentication with cloud services and other devices.

  • Over-the-air updates: Deploy updates remotely to multiple devices with signed and scanned software, ensuring they run the latest approved versions.

  • : Powered by , simplifies device management, handling tasks such as software updates, and certificate renewal. It also includes an MQTT client for seamless integration with any MQTT-compliant broker.

  • API integration: Integrate into your systems through comprehensive Management REST APIs, offering full control over all portal functions.

  • Cloud agnostic: Choose any cloud platform for your connected product; works with any environment.

  • Standards compliance: Ensures secure communication and device management with support for MQTT 3.1.1/5.0, TLS 1.3, and various certificate protocols such as EST, SCEP, CMPv2, and ACME.

Regulatory compliance

helps OEMs comply with the growing list of IoT cybersecurity regulations worldwide. These regulations often require certificates for device identity and authentication, strong encryption, vulnerability monitoring, over-the-air updates, and more. simplifies compliance with industry standards and regulations, ensuring your IoT devices meet the necessary security requirements.

image-20240220-192431.png

Key compliance areas include:

  • NIST standards: Supports identity proofing, authentication levels, and encryption via FIPS 140-2/140-3.

  • IETF RFC compliance: Ensures secure communication through adherence to cryptographic and protocol standards.

  • Sector-specific compliance: Meets regulatory requirements for healthcare (FDA regulations), automotive (UNECE WP.29), and industrial infrastructure (ISA/CIP).