Previously, customers could choose whether they wanted to secure their pages and tracking links via SSL. The responsibility of procuring, maintaining, renewing, and securely sending the certificates to Marketo lie entirely with the customer – Marketo just hosted them. In 2017, Chrome and Firefox announced they would begin marking any unsecured pages with clear ‘NOT SECURE’ warnings in their 2018 releases to encourage the use of SSL, and even distrusted certificates from certain providers. This essentially designated the certificate as a foundational security necessity to prevent customers fleeing from unsecured sites.
This change reinforced the increasing need for companies to protect their data and mitigate against online security threats. Recent studies have shown that ~45% of organizations are targets of Distributed Denial of Service (DDoS) attacks, typically lasting a few hours, and potentially costing companies not only lost revenue, but also customer data and overall trust. 
Simply put, an SSL certificate just isn't enough anymore, which is why Marketo updated how we manage SSL certificates and the overall security of our customers' landing pages with the introduction of Secured Domains, a comprehensive managed service, in early 2018.
How is Secured Domains different than an SSL certificate?
In contrast to our previous solution, Secured Domains is less focused on the SSL certificate itself, and rather the security and performance benefits gained from our partnership with CloudFlare, an industry leader in secure solutions. Secured Domains not only includes the necessary SSL certificates, but, more importantly, provides robust security protection thanks to the investment made to secure our servers, which host Marketo landing pages, behind CloudFlare’s trusted security infrastructure.
With CloudFlare’s enterprise-grade tools securing our servers, we protect against security vulnerabilities and attacks on your Marketo pages.
- Managed Web Application Firewall (WAF): keeps your pages secure by filtering and deflecting malicious attacks
- DDoS Protection: keeps your pages live by absorbing attacks and preventing the pages (and Marketo's infrastructure) from crashing
- Content Delivery Network (CDN): a load balancer to distribute page views based on geolocation, which allows landing pages to load more quickly
Secured Domains also shifts the ownership of SSL certificates onto Marketo, which eliminates the hassle of managing them from Marketing & IT teams and, because they renew automatically, you no longer need to worry about your landing pages crashing due to an expired certificate. The certificates are provisioned by CloudFlare at an enterprise-level offering. For more information, please see our Overview & FAQ: Secured Domains for Landing Pages.
How do I learn more about Secured Domains?
If you’re an existing customer, please contact your Marketo Customer Success Manager to add Secured Domains to your subscription. If you are unsure how to get in touch with your Customer Success Manager, please contact CustomerCare@marketo.com.
If you’re considering Marketo for your marketing automation solution and would like more information on Secured Domains and how it can improve your site security and performance, please contact GRP-Marketo-Sales@adobe.com.
Due to the security and risk mitigation enhancements we've made to protect Marketo servers, all SSL certificates are now uploaded to CloudFlare. Marketo customers will be required to use the CloudFlare certificates (authored by DigiCert) included in Secured Domains unless an EV certificate is required by industry regulations (i.e. Banking/Healthcare/Government). You will need to add Secured Domains to your instance to host any certificate on a Marketo landing page. As of September 2019, Secured Domains will be automatically included as a base solution in all Marketo subscriptions come renewal.
 Tim Matthews, Imperva, DDoS Impact Survey Reveals the Actual Cost of DDoS Attacks, 12 Nov. 2014