Root Exposure Manager is a new and powerful trust store manager. Its main purpose is to analyze and take control of the system trust store and reduce unnecessary root CA exposure. Major features include: View all trusted root certificates (including the hundreds hidden in the Microsoft CTL) Measure public activity for each root (live data / cloud-based) Quickly identify and disable "dormant" roots Easily trust or distrust multiple roots Identify roots not trusted by Mozilla (which has stricter requirements than the Microsoft Root Program) View roots by country of origin System Trust Exposure score card Factory reset of the trust store Automatic database updates Export PowerShell scripts Force trust store update Strict / Paranoid profiles Please note that the product is primarily geared at security-conscious and enterprise users. It is still in private beta. Pricing and licensing are under development.