Network scans
Network scans use DigiCert sensors to scan your network and find all your internal and public-facing TLS/SSL certificates, regardless of the issuing certificate authority (CA). The sensors are gateway applications that you install in strategic locations on your network.
Each scan is linked to one sensor. Configure the scan to examine different port numbers on specific fully qualified domain names (FQDNs) or IP addresses for the presence of TLS/SSL certificates. Run the scan immediately, once at a specified time, or multiple times on a set schedule.
These scans provide detailed information about certificates in your network, including post-quantum cryptography (PQC) certificates:
Common name
Expiration date
Certificate status
Issuing certificate authority
Ports and IP addresses of the certificate host
Certificate security ratings
Certificates using NIST-approved PQC algorithms
Network scans can also identify the operating system and server application of your host, and any unsecured IP addresses and ports with missing TLS/SSL certificates.