Dynamic Remediation: TLS/SSL Certificates Instant Rescan & Offline Assets – August 20, 2025 Chelsea Deaner Dynamic Remediation for TLS/SSL Certificates findings is now available.Once remediated, TLS/SSL Certificate findings no longer impact your rating. This can be achieved either by: Issuing a new certificate Taking the asset offline A combination of both. This is reflected by the No: Remediated value for the Impacts Risk Vector Grade field.Available in both regular scans and manual rescans requests.Immediate rescan feedback for TLS/SSL Certificates is also available in a Beta Program, speeding up the remediation cycle. Frequently Asked QuestionsQ: How does Bitsight identify and remediate SSL Certificate findings?SSL Certificates can be attributed to an entity for two reasons: Observed in assets—the certificate was found installed on assets associated with the entity. Listed in certificate—the entity’s assets are explicitly listed within the certificate’s fields (e.g., Subject Alternative Name). Q: When are TLS/SSL Findings Considered to be Remediated?A finding is considered remediated when all assets where the certificate was seen are addressed: For Observed in assets, all affected assets belonging to the entity must either: Be taken offline, or No longer presenting the certificate. For Listed in certificate, all sources (including third-party assets) where the certificate appears. We provide a complete list of all sources where the certificate was observed. If any third-party asset remains unremediated and is preventing remediation of the finding, it can be identified in that list. They must either: Be taken offline, or No longer have the certificate installed. Related articles Finding Behavior TLS/SSL Finding Remediation & Remediation Verification ShinyHunters Campaign - Salesforce Exposure Risk– August 19, 2025 Finding Rescan: Asset Not Found and Assumed Remediated Attack Surface: Cloud Infrastructure Sync Feedback 0 comments Please sign in to leave a comment.