Machine Identity Protection Gains Momentum in 2018
Machine Identity Protection Gains Momentum in 2018 kdobieski Thu, 03/07/2019 - 08:18 Forward-thinking companies began to realize the value of centrally managing, and ultimately protecting, machine identities early on. And now, we’re seeing an increasing number of the world’s leading organizations getting serious about protecting their machine identities. Venafi, currently ... Read More
SSL/TLS Certificate Toolkits: A Hot Commodity on the Dark Web
SSL/TLS Certificate Toolkits: A Hot Commodity on the Dark Web kdobieski Wed, 03/06/2019 - 08:39 “One very interesting aspect of this research was seeing TLS certificates packaged with wrap-around services – such as web design services – in order to give attackers immediate access to high levels of online credibility ... Read More
Passive und aktive Angriffe mit Verschlüsselung: Was ist der Unterschied?
Passive und aktive Angriffe mit Verschlüsselung: Was ist der Unterschied? kdobieski Tue, 03/05/2019 - 15:12 Kriminelle sind heute gewiefter und die Schadprogramme ausgefeilter als je zuvor. Moderne Malware kann den PC eines Opfers infizieren und lange Zeit unentdeckt bleiben. Und immer höhere Rechenleistungen ermöglichen es, selbst schwierige Passwörter in Sekundenbruchteilen ... Read More
Quelle est la différence entre une attaque active et une attaque passive utilisant le chiffrement ?
Quelle est la différence entre une attaque active et une attaque passive utilisant le chiffrement ? kdobieski Tue, 03/05/2019 - 10:50 Blogueur invité : Nihad Hassan Internet comporte de nombreux risques ! Lorsque vous naviguez, vous êtes susceptible de vous trouver face à un risque. Parmi ceux-ci, différents types de ... Read More
Integrating Security with Speed in the HashiCorp DevOps Lifecycle
Integrating Security with Speed in the HashiCorp DevOps Lifecycle kdobieski Tue, 03/05/2019 - 08:38 Leveraging the integration between Vault and Venafi gives organizations a no compromises answer. Every team can be satisfied without compromising anything. That’s why it's super important for large organizations that need to drive alignment between multiple ... Read More
Insider Threats: Seemingly Innocent Shortcuts Can Leave You Exposed
Insider Threats: Seemingly Innocent Shortcuts Can Leave You Exposed kdobieski Fri, 03/01/2019 - 10:43 To avoid these types of insider threats, I recommend that you make it easier for your users to follow security best practices. As I mentioned before, training is not always the answer. Instead, you may have ... Read More
Mozilla CA Quandary Highlights the Importance of Trust Store Security
Mozilla CA Quandary Highlights the Importance of Trust Store Security kdobieski Thu, 02/28/2019 - 09:28 That’s not the only threat pertaining to trust stores, either. As noted by Malwarebytes, digital attackers can also steal the private key that belongs to a root certificate. If this root certificate already resides within ... Read More
What is Session Hijacking?
What is Session Hijacking? Scott Carter Fri, 07/22/2022 - 16:30 32088 views What is a session? HTTP is stateless, so application designers had to develop a way to track the state between multiple connections from the same user, instead of requesting the user to authenticate upon each click in a ... Read More
An Interview with CISO Justin Metallo: What It Takes to Protect Machine Identities
An Interview with CISO Justin Metallo: What It Takes to Protect Machine Identities kdobieski Tue, 02/26/2019 - 08:38 Unfortunately, I won’t be going into detail about Justin’s pre-Beam Suntory history (which, in a just world would be a feature in People); however, I wanted Justin to go into more detail ... Read More
We need more phishing sites on HTTPS!
We need more phishing sites on HTTPS! kdobieski Mon, 02/25/2019 - 10:33 Encrypt All The Things I'm going to skip over all the obvious points that we want phishing sites on HTTPS. If we want a 100% encrypted web then we need to encrypt all sites, despite whether or not ... Read More