CertWatch
Automated monitor/alert of system certificate store add/removal for Windows.
Blaser CertWatch is an automated system certificate store checking for Windows workstation and server. Alerts users to the addition and removal of system certificates. This new, free utility will monitor any changes made to the Windows Certificate Stores on your system. Certificates can bed added or removed to your system for a variety of reasons - Windows Updates, new software packages, etc. can make alterations to the certificate store. Unfortunately, some malicious software could also add an "all purpose" certificate and essentially create an attack vector for SSL/TLS man-in-the-middle attacks or provide a foothold for a bad agent to usurp and exfiltrate information from your system without your knowledge. CertWatch performs hourly scans of all system certificate stores and will report any additions or deletions from those stores when changes are made. Hourly scans for all Windows system certificate stores. Reports when changes are made. CertWatch operates by checking the local certificate store and verifying against Microsoft's Certificate Trust List (CTL) and Certificate Revocation List (CRL). These lists are updated regularly and contain a predefined list of items signed by a trusted entity (Microsoft). Automated checking of expired or nearly expired certificates so that system services dependent on these certificates will not fail due to expiration (IIS [HTTPS/TLS], Active Directory, SChannel services) Blaser CertWatch runs as a background service and scans and checks the following Windows certificate stores: Current User (CERT_SYSTEM_STORE_CURRENT_USER) Current Service (CERT_SYSTEM_STORE_CURRENT_SERVICE) Local Machine (CERT_SYSTEM_STORE_LOCAL_MACHINE) Local Machine Group Policy (CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY) Current User Group Policy (CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY) Services (CERT_SYSTEM_STORE_SERVICES) Users (CERT_SYSTEM_STORE_USERS) Local Machine Enterprise (CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE)
Changes: New Release
Minimum requirements: Windows Workstation or Windows Server
Operating system: WinVista,WinVista x64,Win7 x32,Win7 x64,WinOther,WinServer,Windows Vista Ultimate,Windows Vista Ultimate x64,Windows Vista Starter,Windows Vista Home Basic,Windows Vista Home Premium,Windows Vista Business,Windows Vista Enterprise,Windows Vista Home Basic x64,Windows Vista Home Premium x64,Windows Vista Business x64,Windows Vista Enterprise x64,Windows 10,Windows 8
Program URL: http://www.blaser.us/software/certwatch/
CertWatch screenshot
