For any Certificate Lifecycle Management platform to succeed, effective deployment is essential. Our hosts are joined by Sectigo SVP of Global Sales Jennifer Binet who describes the optimal onboarding process, step by step. Jennifer discusses adding use cases over time, streamlining the contracting process, and getting to full automation for all certificates.
Feb 28, 2022•21 min
A major automobile manufacturer recently had a problem where its infotainment systems were permanently "bricked" by a flaw in local HD radio broadcasts. Our hosts describe what happened and explore the lessons we can learn from this incident.
Feb 24, 2022•10 min
Gartner analyst David Mahdi recently left the analyst space for Sectigo. In this episode he joins our hosts to explain the reasons for his optimism about digital trust, including NFTs, Web3, blockchain, PKI, and Zero Trust.
Feb 21, 2022•19 min
Web3 refers to the concept that online content can be attributed to specific known publishers, regardless of web site or online channel. In this episode we discuss the fundamentals of Web3, including self-signing protocols, authorization of content, blockchain, definitive authorship, consensus algorithms, and meat from space.
Feb 13, 2022•34 min
Secure online collaboration poses logistical and technical challenges under the best of circumstances. Now imagine you have no designated IT staff, no designated hardware, a small budget, and remote participants who are not deeply technical. In this episode Jason Soroko explains how he was able to quickly and easily create an encrypted communications mesh for use by him and his collaboration team.
Feb 09, 2022•12 min
In previous episodes we have defined passwordless identity authentication. In this episode our hosts explain PKI's specific role in passwordless authentication, along the way clarifying the difference between password-masking and true passwordless technologies.
Feb 02, 2022•23 min
Credential vaults are necessary for secure and functional secrets management for automated systems like DevOps or Robotic Process Automation (RPA). This episode explains how credential vaults work and details their benefits.
Jan 31, 2022•11 min
Certificate Transparency (CT) is essential to monitoring the public SSL certificates that are issued. In this episode we explain what CT logs are, how they work, and the uses we can put them to.
Jan 27, 2022•16 min
The CA/Browser Forum Baseline Requirements (BR) are hugely influential in the world of public-trust certificates. In this episode we explain what the Baseline Requirements are, how they are created, and why they matter.
Jan 24, 2022•16 min
This episode describes newly revealed vulnerabilities where copying and pasting text from a web page can open the site visitor up to attack. Our hosts explain how this attack can occur and its potential consequences, along with how to defend yourself against this threat.
Jan 19, 2022•7 min
In this episode we explain Privileged Access Management (PAM). We go on to explain some of the ways that networks using these techniques are still vulnerable to attack and what to do about it.
Jan 13, 2022•16 min
We are all familiar with phishing in its various forms. Many people feel that they can protect themselves from fraud by verbally confirming apparent commands from senior executives. In this episode our hosts explore deep voice fakes, computer-generated audio that successfully passes for the voice of a known associate, and the risks they pose.
Jan 11, 2022•15 min
In this episode our hosts describe the extreme degree to which all business has become digital business, even the most offline businesses you can think of, including food delivery, in-restaurant dining, bricks-and-mortar retail, and naturally, haircuts. We discuss the disparate, interconnected systems required to make this happen and the fragility of this new digital world.
Jan 07, 2022•12 min
In 2021 the certificate industry saw the emergence of the concept of "CA agnostic." However, that is only part of the story. In this episode our hosts build on this concept to define the idea of certificate automation platforms being "certificate agnostic," meaning these platforms should handle all certificates regardless of type, configuration, physical location, environment, use case, and origin.
Jan 03, 2022•10 min
The latest update of iOS includes new capabilities for app privacy auditing and permissions. Our hosts explain the controls available on iOS and Android and how a mobile device privacy audit can be beneficial.
Dec 27, 2021•6 min
Exploding interest in cryptocurrency has caused the word crypto to take on new meanings that were not part of the public dialog even a few years ago. In this episode our hosts explore both the overlap and difference between today's cryptocurrency (and blockchain) and more venerable forms of cryptography.
Dec 20, 2021•14 min
Our hosts look back at four positive security trends in 2021 that industry should continue in 2022.
Dec 16, 2021•16 min
In this year-end lookback episode, our hosts describe 14 common fallacies that still haunt IT professionals in 2021 - and the negative effects those fallacies bring.
Dec 13, 2021•24 min
An important trend sweeping enterprise IT is Robotic Process Automation. Our hosts define RPA and explain the importance of cryptographically secured digital identity in safely implementing RPA.
Dec 08, 2021•15 min
In continuation of our ongoing exploration of blockchain and cryptocurrency, our hosts describe a recently discovered exploit where attackers use weaknesses in one-time-password-based MFA to steal Coinbase accounts.
Nov 29, 2021•9 min
Certificate Lifecycle Management (CLM) platforms can deal with certificates from a number of sources. A CLM that can provision certificates of all types from all CAs, private and public, would be described as "CA agnostic." In this episode we explain this idea and its significance along with the key criteria for choosing a CA agnostic CLM platform.
Nov 17, 2021•17 min
Malware and other web site attacks are a frequent problem for small businesses and can result in reputational damage and site access being blocked or hindered by end user software and services. We are joined by web site protection expert JP Armenta, who explains how these attacks occur, their effects, and how site operators can protect themselves.
Nov 11, 2021•20 min
Apple recently announced that it would be limiting the allowable term for public S/MIME certificates to 825 days. Our hosts explain the implications of this declaration.
Nov 07, 2021•17 min
In this episode our hosts explain how an esoteric digital signature error rendered a 3 billion Euro manufacturing contract with the Austrian government invalid.
Nov 04, 2021•20 min
The root certificates of the EU's Covid Passport program have suffered a private key compromise and counterfeit passports are now for sale on the black market. We explain the implications of this shocking revelation.
Nov 01, 2021•17 min
Recent research reveals that certificate misconfiguration in a commonly used college WiFi platform can lead to exposure and theft of users' login credentials. Our hosts discuss WiFi authentication and the EAP protocol and explain how this vulnerability occurs.
Oct 26, 2021•12 min
At this year's BlackHat, a talk and white paper detailed the threat of MSCA root key attacks, which can be used to create unauthorized certificates. This release includes a pair of offensive toolkits and a defensive toolkit. We explain the importance of this release and provide a clear action list for IT professionals in charge of Microsoft CA.
Oct 21, 2021•14 min
Let's Encrypt's recent root expiration caused widespread service outages and other hassles for online services and sites. Our hosts discuss this expiration, why so many problems resulted, and the recipe for avoiding these problems in the future.
Oct 18, 2021•25 min
This December will see a meaningful change in how CAs are allowed to conduct Domain Control Validation (DCV) using the method known as https token or file authentication or agreed-upon change to web site. This method will be removed as an option for "domain spaces" including wildcards and subdomains. Join our hosts as they explain how DCV works and how the rules are changing and why. And we clarify the available options for those changing their preferred DCV methods.
Aug 29, 2021•13 min
The PetitPotam attack against Microsoft CA has garnered a lot of attention. Our hosts describe this attack and define related terms like Mimikatz, pass-the-hash, and NTLM Relay. The episode goes on to give a roadmap for mitigating this attack, including free resources available to help defend against PetitPotam.
Aug 26, 2021•12 min