Abstract: Public Key Infrastructure (PKI) and SSL/TLS encryption are key elements of secure communication on today's Internet, but a compromised or malicious CA poses a major security risk. In 2013, Google proposed Certificate Transparency (CT), which aims to safeguard the certificate issuance process by providing an open framework for monitoring and auditing HTTPS certificates. At present, within the Google ecosystem, CT is actively supported by most CAs and is being developed in browsers. Meanwhile, a number of security-related challenges remain. This article reviews CT technology from the perspectives of trust mechanisms and security threats, summarizes the CT-based Web-PKI trust model and security threat model, and puts forward security assurance mechanisms and application deployment recommendations. Finally, the development of CT technology is summarized and its prospects are discussed.