Device Trust Manager

DigiCert® Device Trust Manager is a comprehensive security platform that delivers end-to-end protection for IoT devices. By handling the critical security infrastructure, Device Trust Manager enables OEMs to focus on product innovation rather than on the complexities of the underlying security tasks.

Device manufacturers encounter significant challenges across the product lifecycle:

  • Design: Navigating complex compliance standards (for example, FIPS 140-2/3, EU CRA) and integrating secure hardware such as TPMs or TEEs.

  • Develop: Addressing software vulnerabilities and ensuring readiness for post-quantum cryptography (PQC).

  • Build: Protecting against counterfeit devices, securely provisioning credentials, and preventing unauthorized software.

  • Deploy: Adapting to evolving threats, managing secure software updates, and enabling zero-touch device deployment.

These challenges demand a robust, lifecycle-wide approach to device security.

Implementing best practices across the device lifecycle is essential to overcome these challenges. Device Trust Manager simplifies this process by enabling:

  • Design-phase security: Support for crypto agility and hardware-backed security.

  • Development integrity: Automated software validation and vulnerability scanning.

  • Manufacturing security: Secure credential provisioning and certificate distribution.

  • Operational resilience: Real-time threat monitoring, secure over-the-air updates, and zero-touch provisioning.

By automating and centralizing security tasks, Device Trust Manager accelerates time-to-market while ensuring compliance and security.

Device Trust Manager benefits

Device Trust Manager simplifies IoT device management and security by offering the following benefits:

  • Flexible credential provisioning: Easily register devices with existing X.509 certificates or symmetric keys, or have Device Trust Manager generate credentials for you.

  • Secure registration: Register device credentials individually or in bulk, providing flexibility for various manufacturing workflows.

  • Certificate issuance: Devices can exchange birth credentials for operational X.509 certificates, enabling secure authentication with cloud services and other devices.

  • Over-the-air updates: Deploy updates remotely to multiple devices with signed and scanned software, ensuring they run the latest approved versions.

  • TrustEdge: Powered by TrustCore SDK, TrustEdge simplifies device management, handling tasks such as software updates and certificate renewal. It also includes an MQTT client for seamless integration with any MQTT-compliant broker.

  • API integration: Integrate Device Trust Manager into your systems through comprehensive Management REST APIs, offering full control over all portal functions.

  • Cloud agnostic: Choose any cloud platform for your connected product; Device Trust Manager works with any environment.

  • Standards compliance: Ensures secure communication and device management with support for MQTT 3.1.1/5.0, TLS 1.3, and various certificate protocols such as EST, SCEP, CMPv2, and ACME.

Regulatory compliance

Device Trust Manager helps OEMs comply with the growing list of IoT cybersecurity regulations worldwide. These regulations often require certificates for device identity and authentication, strong encryption, vulnerability monitoring, over-the-air updates, and more. Device Trust Manager simplifies compliance with industry standards and regulations, ensuring your IoT devices meet the necessary security requirements.

Key compliance areas include:

  • NIST standards: Supports identity proofing, authentication levels, and encryption via FIPS 140-2/140-3.

  • IETF RFC compliance: Ensures secure communication through adherence to cryptographic and protocol standards.

  • Sector-specific compliance: Meets regulatory requirements for healthcare (FDA regulations), automotive (UNECE WP.29), and industrial infrastructure (ISA/CIP).