Blog Posts Tagged with "PKI"

9d9e32000b07da9c5acd1ad33accbbb6

Advancing the Usability of PKIs

February 06, 2018 Added by:Dan Timpson

If your organization is going to rely on PKI, it’s important to also leverage the benefits that automation can provide.

Comments  (0)

D2c1e74cac8f12e965acd1a21fef3a38

Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Public Key Infrastructure 1998 – 2012

March 25, 2012 Added by:Ben Rothke

PKI was and still is a powerful set of technologies. But it was a solution far ahead of its time. It was doomed by a lack of standards, interoperability issues, deployment complexities, and a level of complication that confounded even technologically competent end-users...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Malicious Exploits: Hitting the Internet Waves with CSRF

March 13, 2012 Added by:Brent Huston

DHS ranks the CSRF vulnerability as the 909th most dangerous software bug, more dangerous than most buffer overflows. CSRF vulnerabilities can result in remote code execution with root privileges or compromise root certificates, completely undermining a public key infrastructure...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Encryption Key Management Primer – Requirement 3.6

February 23, 2012 Added by:PCI Guru

Requirement 3.6.4 always seems to be a sticking point because people get caught up in the key expiration concept. The thing to remember is that whether or not a key expires is typically related to the encryption algorithm such as for those using public key infrastructure...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Subordinate Digital Certificates Pits Trustwave vs Mozilla

February 14, 2012 Added by:Pierluigi Paganini

Trustwave declared that the issuing of subordinate root certificates to private companies was done to allow inspection of the SSL encrypted traffic that passes through their networks. Trustwave decided to stop issuing these in the future, and revoked the existing ones...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Encryption Basics: It's Not a Mystical Science

January 25, 2012 Added by:PCI Guru

Regardless of the algorithm used, they are not perfect. Over time, encryption algorithms are likely to be shown to have flaws or be breakable. Some flaws may be annoyances that you can work around or you may have to accept some minimal risk of their continued use...

Comments  (0)

426c2c140d842b9f9c538b204ff83a6d

Eating your own dog food - how a Security Software company uses Security

February 04, 2010 Added by:Larry Ketchersid

Remember the gentleman in the commercial for Hair Club for men who said “I'm not only the President, but I'm a customer”? While there are days when the hair club tempts me, it is security solutions that my company, Media Sourcery, provides. And, like many of Infosec Island's members, the information, data and documents that we exchange with our customers are proprietary, confidential a...

Comments  (1)