nCipher HSM Venafi Machine Identity Protection

Visibility, Intelligence, Automation: Three Reasons to Expand Machine Identity Protection

|
Visibility, Intelligence, Automation: Three Reasons to Expand Machine Identity Protection kdobieski Mon, 03/18/2019 - 12:24 Connected Device Roles and Capabilities Machines today: Are increasingly connected to each other Have the ability to collect vast amounts of data Share information with other machines, and Make autonomous decisions based on the situation ... Read More
SHA-1 migration SHA-2 Microsoft

Still Using SHA-1 for Internal Certificates? It’s Almost Too Late to Update

|
Still Using SHA-1 for Internal Certificates? It’s Almost Too Late to Update kdobieski Mon, 03/18/2019 - 07:54 “Due to weaknesses in the SHA-1 algorithm and to align to industry standards, Microsoft will only sign Windows updates using the more secure SHA-2 algorithm exclusively [after July 19],” reads the notice. “Any ... Read More
Microsoft_Logo_PNG.png

Serial Entropy Issues Invalidate 22,000 TLS Certificates on Dutch Government PKI

|
Serial Entropy Issues Invalidate 22,000 TLS Certificates on Dutch Government PKI kdobieski Thu, 03/14/2019 - 12:34 The report states that these faulty certificates will all need to revoked and reissued. “The intention is to revoke all affected certificates within 30 days.” The longer length of this timeframe (CA/B Forum mandates ... Read More
Tracking CAA Usage

Tracking CAA Usage

|
Tracking CAA Usage kdobieski Wed, 03/13/2019 - 08:53 Tracking usage in the wild Many of you will already know that I crawl and analyse the Alexa Top 1 Million Sites every single day and publish the data. On top of that, every 6 months, I also publish a report on ... Read More
security automation, key management system, certificate manager

Win-win Policies that Simplify Your Machine Identity Protection

|
Win-win Policies that Simplify Your Machine Identity Protection kdobieski Tue, 03/12/2019 - 09:49 As I’ve written before, there’s an easy way to avoid these types of problems. When you craft policies that support business goals and objectives as opposed to hindering people, you actually make it easier for everyone to ... Read More
Introduction to HashiCorp Vault with Armon Dadgar

Oh, How I Love My Hashi (Vault)

|
Oh, How I Love My Hashi (Vault) kdobieski Mon, 03/11/2019 - 10:07 But savvy DevOps teams still run into challenges with getting external-facing certificates that can be trusted by every browser when the code moves into production. To explain this conundrum, let’s dive into the difference between internal and external ... Read More
How Do Encryption Protocols Work?

How Do Encryption Protocols Work?

|
How Do Encryption Protocols Work? kdobieski Fri, 03/08/2019 - 08:52 Encryption History The ancient Greeks used a tool called a Scytale to help encrypt their messages more quickly using a transposition cipher. They would simply wrap the strip of parchment around the cylinder, write out the message, and then when ... Read More
Venafi, Venafi business momentum, machine identity protection

Machine Identity Protection Gains Momentum in 2018

|
Machine Identity Protection Gains Momentum in 2018 kdobieski Thu, 03/07/2019 - 08:18 Forward-thinking companies began to realize the value of centrally managing, and ultimately protecting, machine identities early on. And now, we’re seeing an increasing number of the world’s leading organizations getting serious about protecting their machine identities. Venafi, currently ... Read More
Dark Web, SSL/TLS, certificates

SSL/TLS Certificate Toolkits: A Hot Commodity on the Dark Web

|
SSL/TLS Certificate Toolkits: A Hot Commodity on the Dark Web kdobieski Wed, 03/06/2019 - 08:39 “One very interesting aspect of this research was seeing TLS certificates packaged with wrap-around services – such as web design services – in order to give attackers immediate access to high levels of online credibility ... Read More
Passive und aktive Angriffe mit Verschlüsselung

Passive und aktive Angriffe mit Verschlüsselung: Was ist der Unterschied?

|
Passive und aktive Angriffe mit Verschlüsselung: Was ist der Unterschied? kdobieski Tue, 03/05/2019 - 15:12 Kriminelle sind heute gewiefter und die Schadprogramme ausgefeilter als je zuvor. Moderne Malware kann den PC eines Opfers infizieren und lange Zeit unentdeckt bleiben. Und immer höhere Rechenleistungen ermöglichen es, selbst schwierige Passwörter in Sekundenbruchteilen ... Read More