ExtraHop named a Leader in the 2025 Forrester Wave™: Network Analysis And Visibility Solutions

Arrow pointing right
ExtraHop Logo
Try ExtraHop
Menu iconX icon
  • Platformchevron right
  • Solutionschevron right
  • Modern NDRchevron right
  • Resourceschevron right
  • Companychevron right
User iconSign In
Contact Us

DETECTION OVERVIEW

Wildcard TLS Server Certificate

Risk Factors

A wildcard certificate can encrypt traffic for all subdomains under a domain. Any unauthorized subdomain will appear as a trusted domain to clients.

Kill Chain

Hardening

Risk Score

61

Next in Hardening: Anonymous FTP Login

Attack Background

Mitigation Options

Remove wildcard certificates from production servers
Add specific subdomains or hostnames with the Subject Alternative Name (SAN) extension on a TLS certificate

What else can RevealX do for you?

View our Periodic Table of use casesArrow pointing right