Discovery Scan for Public TLS Certificates
The CA/B Forum has approved a phased policy to shorten public TLS certificate lifespans—from 398 days today to just 47 days by March 2029. The first enforcement hits in March 2026, dropping the maximum validity to 200 days, and again in 2027 to 100 days. These changes compress renewal windows and raise the stakes for teams managing public certificates. This TLS certificate scan helps you get ahead—by identifying gaps in visibility and laying the groundwork for 47-day certificate lifecycles.
CyberArk’s TLS Certificate Discovery Scan quickly reveals which public-facing certificates are expired, expiring soon, misconfigured, or non-compliant—so you can take action before it disrupts your business. You’ll be able to:
Get an inventory of your publicly trusted TLS certificates.
Identify TLS certificates nearing expiration to prevent unplanned outages.
Detect rogue, weak, or misconfigured TLS certificates before they trigger an outage.
Confirm certificates are issued by approved certificate authorities and align with your security policies.
No deployment required. Just sign up with your business email (we scan the domain tied to that email) and get a detailed report powered by CyberArk Certificate Manager.
It only takes minutes to start. Results can help guide your automation and compliance strategy.

Start Your TLS Certificate Scan

“The CyberArk Identity Security Platform is a great tool for providing simple and secure access to our staff. By removing the burden of creating and remembering passwords and offering seamless, one-click access, we are improving productivity and enhancing our security posture.”
John Vincent, Director of Technology, Chico Unified School District

"CyberArk has been the best vendor I have worked with in my 20+ year IT career. CyberArk delivers great products that lead the industry in managing privileged access."
IT Security Manager, Security and Risk Management

"With CyberArk, we are confident that we have implemented technology that will work with us as our business grows and develops."
Jean-Pierre Blanc, Bouygues Telecom

"This isn’t just a compliance check-box exercise, we’re actively designing and aligning policies to cybersecurity best practices to strengthen our overall security posture and align internal teams."
Joel Harris, Manager

"CyberArk gave us the visibility and granular control needed to implement both least privilege and ‘default deny’ application control with minimal disruption to the organization."
Ken Brown, CISO

"With RPA and Cloud migrations, credentials are becoming more and more spread out away from 'normal' controls. CyberArk can spread out to cover all of the scenarios in a standard way."
Information Security Consultant, Enterprise Cybersecurity Solutions Technologies
CyberArk Marketplace
Browse our online marketplace to find integrations.















