Keeping a record of domain certificates is an important aspect of maintaining a strong cyber security posture, and protecting an organization's assets, reputation, and operations against downtime and/or malicious behaviour.
Certificates are also important from a complicance perspective. Organizations need to demonstrate due diligence and accountability in the event of a security incident, to help protect the company from legal liability and regulatory action.
-
Navigate to
Advanced Query Builder > Domain Queries > Certificates -
Specify a
domain -
(Optional) Tick
with_metadatato include metadata -
(Optional) Specify a date in
date_minto include only domains that have had SSL certificates issued on or after the given date -
(Optional) Specify a
date_maxto only include domains that have had SSL certificates issued on or before the given date -
(Optional) Specify a number in
limitthat chooses the number of results to return -
(Optional) Choose wether or not to wait for results for longer running queries by choosing
job_idfor immediate results, orresultto wait -
(Optional) Enter a regular expression match in
domain_regex. This must be valid re2 regular expression. Choosing a regex overrides the 'domain' parameter -
(Optional) Specify a
cert_issuerto only include domains that have had SSL certificates issued using the named certificate issuer. Wildcards are supported -
(Optiona) Use
skipto choose an amount of results to skip -
(Optional) Enter a value in
max_waitto specify the number of seconds to wait for results before returning the Job ID -
Click
Search
Saving queries
Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.
-
Specify the query parameters
-
Click
Save Query -
Give your query a
Name -
Specify a
Descriptionto add more context -
Click
Save