PKI Assessment Services

Get the Most Out of Your PKI Investment

Our Online and Onsite Assessments Provide Deep Insight into Design, Health, and Configuration of Your PKI

Over the course of hundreds of engagements with companies of all sizes and industries around the world, PKI Solutions has amassed extensive knowledge of how to evaluate, implement and manage a PKI based on Microsoft Active Directory Certificate Services (ADCS). PKI Solutions President and Founder Mark B. Cooper first created the concept of PKI assessments in 2005 while at Microsoft and has been continually refining the process ever since.

Our unique PKI assessment process and tools automate data collection and CA discovery. The result is the most consistent and systematic way to analyze the configuration and health of ADCS PKIs available today.

We have extensive experience working with PKI environments around the world in countless industry sectors. Our assessment offerings provide capabilities and deliver insight not found elsewhere across the industry. By tapping into our knowledge and assessment tools, you can be assured you are getting the most out of your PKI investment. Review our comparison matrix to determine whether the Online PKI Assessment Portal or the full Onsite Advanced PKI Assessment is right for your needs. The advanced includes six months of portal and dashboard access.

Online Self-Paced PKI Assessments

Online PKI Assessment Portal

PKI Assessments On-Demand, Self-paced at your own speed using our automated portal

The Online PKI Assessment Portal process starts with a downloadable ADCS Collector tool that performs data collection in your environment. Once installed, the tool goes to work pulling configuration details from your online CAs from a single location – all within a few minutes. Offline CAs such as Root and Policy CAs that are isolated from the network are supported by using the data collector directly on each CA and the output files uploaded to the Online PKI Assessment Portal.

Unlike manual assessment processes, you don’t need to waste time completing surveys, digging around configuration files, registry keys, taking screenshots, or running experiments. Just download, run, upload, and review. Once the configuration files are uploaded to the portal the results are displayed in a scorecard that gives you instant insight into the design, health, and configuration of your PKI. Additionally, you are instantly presented with areas for remediation ranked High Risk, Medium Risk, and Low Risk. The scorecard provides a grading matrix and a high-level analysis of your PKI. Is it in great shape or in poor health? The scorecard brings all of the best practices together in one place and weights and scores your environment.

You will also get an actionable checklist of elements that are essential to ensuring your environment is secure and properly maintained. The scorecard also lets you maintain a historical perspective of your environment. You can easily chart and review how your environment evolves and changes over time. The scorecard, checklists, and historical records are centrally stored in a secure portal and easily accessed via a convenient web-based dashboard.


Data Privacy Statement

Your environment and security are critical to your organization's success. We know you have questions about what information is collected and how it is stored as part of the assessment program. To provide transparency on our protection and privacy, please review our Assessment Data Protection Disclosure for specifics. In short, your information is not available to us or any other organization without your explicit consent. By default, only users in your organization can view your data.


Now Offering Free Assessments

The Online PKI Assessment portal is now providing free LITE assessments to all organizations. You will experience the same portal experience and data collection and receive your free Scorecard report and grade. The Lite assessment will provide you with a snapshot status of your PKI environment. You will have the option to purchase a full report along with specific findings and remediation recommendations at any time. The LITE assessment provides you a free, on-demand status of their PKI with no financial commitment.

Advantages of PKI Solutions Assessments

Comprehensive and Fast

Automated data collection and CA discovery – download, run, upload, and review

Continual Improvement

Unlimited online assessments (with subscription) for ongoing PKI insight, remediation, and trends

Increase Audit Compliance

Ensure your PKI is configured, managed, and run per compliance and audit requirements

Historical Trends and Reports

Your scorecards, checklists, and historical records are easily accessed via a web-based portal at any time.

Designed by the Experts

Our scorecards bring industry best practices together in an automated collection and reporting portal.

Early Warning

By ensuring your PKI is configured properly, you can catch problems before they cause outages or affect you.

In-Person Advanced Assessments

Onsite Advanced PKI Assessments

A Comprehensive Assessment of Your PKI

Our Onsite Advanced PKI Assessment leverages the same tooling as our Online PKI Self-Assessment Portal to provide deep insight into the design, health, and configuration of your PKI and how it compares to industry best practices. The onsite engagement goes deeper and includes, a more thorough review of the environment. Areas include physical security controls, monitoring, patching, OCSP, NDES, Documentation, Key Recovery and Hardware Security Modules (HSMs). Certificate Policy and Certificate Practice Statement reviews are also optionally available as part of the review.

Thorough Analysis

A thorough review and analysis is performed by our staff that goes far beyond what any tool can provide. With decades of experience, we can piece together the bigger picture and determine areas of concern that automated tools alone are incapable of performing. This comprehensive assessment ensures that your entire PKI is configured, managed, and run in accordance with compliance and audit requirements.

PKI Assessment Comparison

Assessment Topic

  • PKI and Certificate Authority Operations
  • Infrastructure and Server Design
  • Industry Best Practices
  • Revocation Configuration, Intervals and Health
  • CA Extensions and Properties
  • Certificate Templates and Issuance
  • Cryptographic Suitability and Compatibility
  • Logical Security Protections, Enforcement and Risks
  • Online Certificate Status Protocol
  • Security Updates and Patches
  • Key Recovery
  • Failed or Legacy CAs Operation
  • Hardware Security Modules and Key Protection
  • Disaster Recovery and Availability
  • Operational and Procedural Documentation
  • Certificate Management, Issuance and Controls
  • Physical Security Controls
  • Logical Security Protections, Enforcement and Risks
  • Lead by Senior Consultant for Analysis and Recommendations
  • Certificate Policy/Certificate Practice Statements Compliance*

Online PKI Assessment Portal


Onsite Advanced PKI Assessment

  • *Add on service