"Zero Trust" is an IT security philosophy that maximizes protection from threats by tightly controlling access and permissions for every individual, device, and process in the organization's environment. Learn how digital identity and certificates play a key role in operating a secure Zero Trust strategy.
May 07, 2020•20 min
Many observers notice similarities between PKI and blockchain, including their applicability to secure digital systems and their ability to enable authentic information and non-repudiation in an electronic environment. Join our hosts and expert guest Alan Grau as they go over the similarities and differences between PKI and blockchain, explain the qualities of a good use case for each, and describe how they can complement each other.
May 04, 2020•13 min
With lockdowns and working from home the norm, a great deal of attention has been paid to video conferencing technology. In particular, Zoom has claimed to offer end-to-end encryption while in fact it does not, making headlines across media of all sorts. In this episode our hosts explain what end-to-end encryption is and why the distinction is important for a service like Zoom.
Apr 30, 2020•18 min
SSH keys are essential for controlling access to production infrastructure. Our hosts are joined by repeat guest David Colon to discuss how SSH keys are used in contemporary computing environments, what risks they carry with them, and tips for IT professionals to use SSH keys easily and securely.
Apr 27, 2020•18 min
Recent headlines have unveiled high-profile attacks against automobile key fobs. Such an attack is potentially huge since successfully mimicking these fobs can yield complete access to an automobile's capabilities. Our hosts are joined by repeat guest Alan Grau as they describe the cryptographic architecture of a modern automotive key fob, how these attacks take place, and what automobile manufacturers can do about it.
Apr 23, 2020•17 min
DNS over HTTPS is a capability whereby DNS lookups can be encrypted to defend against certain man-in-the-middle attacks as well as protecting information about web usage from being revealed to third parties. In this episode our hosts explain DNS over HTTPS, its potential uses, and how it works. They also explain some of the controversy and potential concerns that have been raised with this approach.
Apr 20, 2020•9 min
Lockdowns and work-from-home requirements have disrupted the efficiency of operations in all walks of industry, including academics and advanced computing research. In this episode our hosts debate if and how the pandemic's disruptive nature might change the date on which quantum computers are able to defeat today's encryption.
Apr 16, 2020•25 min
People are working from home in unprecedented numbers, which means that companies need to find ways for them to connect securely. Some will consider hard tokens as an option. In this episode our hosts give a frank assessment of the difficulty that hard tokens present for the modern remote workforce, along with some of the other available options that are likely to serve the enterprise better.
Apr 13, 2020•16 min
Security for IoT devices depends not only on establishing strong identity mechanisms for devices and the services they connect to but also on ensuring the ongoing integrity of device operations. In this episode our hosts are joined by guest Alan Grau to explain what an embedded firewall is and how it aids security for connected devices.
Apr 06, 2020•15 min
With the sudden, meteoric increase in remote workers, many IT professionals are looking at VPN as a method of keeping them secure. Join our hosts as they discuss the advantages and disadvantages of VPNs, and what to look out for.
Apr 02, 2020•16 min
To enable the broadest possible access to valuable information about the COVID-19 epidemic, Firefox has chosen to reinstate support for web sites using TLS 1.0 and 1.1. Join us to learn about this move, why Firefox has made it, and what that says about the state of web site security today.
Mar 30, 2020•11 min
New research presented at RSA Security Expo indicates that at least one party is using online criminal marketplaces to sell a package of a newly-created business and at least one Extended Validation SSL certificate to go with it. Join our hosts as they explain what the research says and talk about the potential criminal use cases for a bundle like this one.
Mar 26, 2020•15 min
As a convenience to customers and a competitive differentiator, public cloud services such as AWS offer TLS certificates for use in their environments. Join our hosts as they explain this practice, how these certificates can be used, and which use cases and environments will not work with TLS certificates from public cloud vendors.
Mar 23, 2020•9 min
COVID-19 is rocking all aspects of our daily and business lives. So what are the implications of lockdowns, office closures, and high employee absenteeism on the PKI world? Our hosts explore the implications of our new post-pandemic work culture on business continuity and security, and how PKI fits into this new way of working.
Mar 20, 2020•27 min
As measures move into place throughout society to flatten the curve of COVID-19's spread, it is important to understand the potential effects of lockdowns, school closures, and work-from-home mandates on the critical systems that keep our digital world running. Sectigo has conducted an internal audit of its business continuity and disaster recovery plans in light of the specifics of the ongoing pandemic, and we remain confident in our ongoing operation without material disruption through the pr...
Mar 18, 2020•5 min
Certificates can play a critical role in enabling and controlling access for users and devices to our sensitive business processes and data. Our hosts are joined once again by David Colon as we explore the role certificates play in providing network access and permissions, including some best practices.
Mar 17, 2020•15 min
At the most recent Face-to-Face meeting of the CA/Browser Forum, Apple announced that as of September 1 it will distrust public TLS certificates issued with terms longer than thirteen months for all its technology products. Join our hosts as they discuss this change, its effect on the ecosystem, and what you need to do to prepare for one-year SSL certificates.
Mar 13, 2020•21 min
Former CableLabs CIO and Kyrio President and General Manager Mitch Ashley joins our hosts to discuss how to set up a PKI system that will meet your needs for many years to come. Mitch is now CEO of Accelerated Strategies Group, a disruptive analyst firm focused on cybersecurity, DevOps and cloud. We discuss the differing attitudes, pain points, and processes of device manufacturers versus service providers. Mitch explains how the overall qualities of the ecosystem affect PKI, ensuring extensibil...
Mar 09, 2020•34 min
Repeat guest and DevOps expert David Colon joins us again to discuss identity for microservices, including the use of very short-lived TLS certificates. David and our hosts explore the unique properties of PKI in these environments and describe how to find the optimal term for a container certificate.
Mar 06, 2020•21 min
Modern architectures and development processes have shattered the old concept of an IT perimeter for the enterprise. In this world, attaching strong identity to every device, user, and process is essential to security. In this episode our hosts describe this challenge and discuss the pros and cons of various identity schemes.
Mar 04, 2020•27 min
In our ongoing series on DevOps and PKI, DevOps practitioner David Colon joins us to help describe the intersection of DevOps security and PKI. We explore how PKI fits in with orchestration engines like Kubernetes and some of the practical considerations in securely using keys in such environments.
Feb 28, 2020•22 min
SHA-1 was a cornerstone of the early secure web. Now, 25 years later, this hashing function is no longer secure. Join our hosts to hear the history of SHA-1, its common use cases, and the properties of an effective hashing function. Learn about collision attacks and why they matter. Find out the reasons SHA-1 is still in use and why it is no longer secure in today's computing world.
Feb 23, 2020•32 min
Our hosts are joined by senior DevOps engineer David Colon to explore what DevOps means in today's enterprise. They cover diverse aspects of the DevOps phenomenon, including cultural implications, "configuration drift," definition of release velocity, and DevSecOps, plus, of course, how DevSecOps intersects with PKI.
Feb 21, 2020•22 min
Traditionally, file encryption is an all-or-nothing affair where data cannot be gleaned from the encrypted file without fully decrypting its contents. A new brand of cryptography called homomorphic encryption makes it possible for specific types of data to be read from a file while the rest of it remains encrypted. Join our hosts as they explain this new technology approach and its possible implications and use cases.
Feb 18, 2020•16 min
Quantum key distribution is a new technology that uses the principles of quantum physics to generate and distribute truly random keys for encrypted communication. Join us as we explain how quantum key distribution works, why it is not the same as quantum safe cryptography, and which cases it may be useful for.
Feb 10, 2020•18 min
The phrase "identity is the new perimeter" has gained in use of late, reflecting the reality that today's modern enterprise architecture is a mix of traditional and cloud, owned and rented and BYOD, all together in a complex mix. Under those circumstances identity is key to determine which digital entities have which permissions. But what do we mean when we say identity? Join our hosts as they explain the concepts behind digital identity, how they compare to our offline ideas around identity, an...
Feb 04, 2020•30 min
CAA, which stands for CA Authentication, is the capability for the domain name owner to specify in DNS which CAs are allowed to issue SSL certificates for a specific domain. Join us to learn more about CAA, including how it works and its potential benefits to businesses.
Jan 27, 2020•10 min
On January 14 Microsoft announced a sweeping vulnerability that makes it possible to defeat the authentication of Elliptic Curve Cryptography (ECC) on Windows 10 and Windows Server systems, making it possible to create fake certificates on trusted roots that will fool these systems. Join our hosts and guest Nick France, CTO of SSL at Sectigo, as we explain this vulnerability, how it could be used in exploits, and what must be done to address it.
Jan 22, 2020•18 min
In our ongoing series about blockchain, we explore the technology, process, and ecosystem needs for a successful cryptocurrency. Join our hosts along with expert guest Alan Grau as we discuss the technology and ecosystem specifics of cryptocurrencies, including blockchain and PKI.
Jan 10, 2020•31 min
Widely understood to be the technology behind popular cryptocurrencies, blockchain has become a household word. But what is blockchain really, and how does it work? Join our hosts and returning guest Alan Grau as they explain how blockchain functions, its strengths and weaknesses, and some of the other potential applications for this technology.
Jan 06, 2020•22 min