Hi [[ session.user.profile.firstName ]]

Venafi - Machine Identity Protection

  • Date
  • Rating
  • Views
  • What Works in Certificate and Key Management: Enabling Secure Digital Business
    What Works in Certificate and Key Management: Enabling Secure Digital Business John Pescatore and Troels Oerting Recorded: Oct 3 2018 49 mins
    During this SANS What Works, Troels Oerting, Chief Security Officer at Barclays Bank will provide details of his selection and deployment of Venafi to enable discovery and management of encryption keys and certificates in use across Barclays, supporting more transparent use of encryption, avoiding business disruption from expired certificates and demonstrating benefits to increased integrity and availability of critical business processes.
  • SSH Keys: Security Asset or Liability?
    SSH Keys: Security Asset or Liability? Mike Dodson, VP WW Customer Security Strategy & Solutions, Venafi Recorded: Jun 14 2018 64 mins
    Weak practices around protecting SSH keys expose businesses to costly risk, impacting the most sensitive systems and data. Then incomplete auditing practices allow that risk to go unaddressed.

    SSH keys are often used for routine administrative tasks by system administrators, and privileged access management (PAM) systems ensure proper oversight. However, SSH keys are also used for secure machine-to-machine automation of critical business functions. PAM solutions don’t help secure these machine identities, and most audit programs overlook this important risk.

    This session discusses the common mistakes that almost all enterprises make around security, policy and auditing practices when managing SSH keys, including current survey results.
  • Adding Machine Identities to Your Auditing Capabilities
    Adding Machine Identities to Your Auditing Capabilities Steve Armstrong, Venafi Recorded: Jun 14 2018 32 mins
    Conducting an audit of machine identity risk highlights the effectiveness of a Machine Identity Protection program as well as where to best focus risk mitigation. But what exactly should be audited to assess this risk? This session discusses a new Audit Work Program for Machine Identity Protection that assess risk and focuses remediation.

    The session will start with a discussion of risk influencers as well as the factors of machine identity risk that should be reviewed as part of the audit. The session then introduces the Audit Work Program and outlines a 30-60-90 day next steps plan for implementation.
  • Auditing Machine Identity Protection
    Auditing Machine Identity Protection Kevin Bocek, Vice President, Security Strategy & Threat Intelligence, Venafi Recorded: Jun 14 2018 64 mins
    Just as we need to secure human identities, we also need to effectively manage and secure machine identities—whether those machines are servers, applications, appliances, IoT devices or other systems. Transport Layer Security (TLS) certificates and associated private keys serve as the primary method of establishing machine identities. However, organizations are not investing in machine identity protection, even though unmanaged and unsecured keys and certificates risk outages and breaches.

    This session shares a 5-stage approach to TLS security, including what is achieved and can be audited at each stage. This session will enable auditors to assess the overall maturity of an organization’s machine identity protection.
  • Building a Certificate as a Service Platform
    Building a Certificate as a Service Platform Carl Bourne, Global Solutions Architect, Venafi Recorded: Jun 14 2018 43 mins
    Today, agile software and IT services enable the modern enterprise to create new products, service customers, refine new processes and develop new business models. With this innovation, DevOps speed must coexist with security, but slow procurement processes lead many developers to simply ignore or sidestep corporate certificate requirements.

    This presentation shows how to achieve a balance between speed and security through building a Certificate-as-a-Service platform that automates the procurement and deployment of cryptographic keys and digital certificates as part of the build process—fully integrated with next-gen software development platforms and existing enterprise certificate authorities.
  • Venafied Private PKI
    Venafied Private PKI Clint Wilson, DigiCert Product Manager Recorded: Jun 13 2018 48 mins
    Public Key Infrastructure is paradoxically often most valuable when narrowly trusted or private. A Private PKI allows for robust and pervasive cryptographic security, privacy, and encryption of all communication within your organization. Utilizing the Private PKI offerings of DigiCert allows you to seamlessly utilize this private trust environment without setting up your own infrastructure. Integrating your DigiCert Private PKI with Venafi’s tools and services allows for complete automation of all facets of your private certificates’ lifecycle management.
  • Delivering Intelligent L4-L7 Application Networking & Security
    Delivering Intelligent L4-L7 Application Networking & Security Ashwin Manekar, Senior Product Manager, Avi Networks Recorded: Jun 13 2018 40 mins
    New software-defined load balancers are significantly improving the way application services are delivered and secured. In this webinar from Avi Networks, you will learn:

    - How to centrally manage the traffic flow to the applications and simplify policy management?

    - How to provide real-time visibility into DDoS attacks, SSL versions and ciphers used in transactions?

    - How to get the health score on application performance and automatically scale-out across data centers and clouds?
  • Get Control of SSL/TLS Certificate Security
    Get Control of SSL/TLS Certificate Security George Parsons, Senior Director of Security Architects, Venafi Recorded: Jun 13 2018 41 mins
    With more demands for encryption and stringent regulations, most enterprises need better SSL/TLS certificate security to support machine identity protection. But what’s a realistic roadmap and timeline? This session will show attendees how to design a 4-level, 18-month journey to enterprise-wide certificate security.

    Each level will include:
    - The timeline and requirements
    - The technical and business benefits
    - Anecdotes of real-life implementations

    Learn how to assess the maturity of your organization’s SSL/TLS certificate management and how to customize a roadmap to address your security and operational challenges.
  • Gemalto and Venafi: Securing Machine Identities at Machine Speed
    Gemalto and Venafi: Securing Machine Identities at Machine Speed Gorav Arora, CTO, Gemalto & Ben Rogers, Solution Architect, Venafi Recorded: Jun 12 2018 48 mins
    Machines are increasingly taking over tasks traditionally conducted by humans. Moreover, they often work independently to improve business productivity. As more and more machines come into existence, we need to be able to reliably identity which machines should be trusted and which shouldn’t. But the security that protects machine identities can no longer be slowed down by traditional manual or homegrown methods. These methods are no longer sufficient to allow organizations to scale and thrive at the speed of business.

    Join us at this webinar to learn how Gemalto and Venafi help organizations address these challenges.
  • Protect Your Machine Identities
    Protect Your Machine Identities Jeff Hudson, CEO, Venafi Recorded: Jun 12 2018 41 mins
    There are two kinds of actors on every network—people and machines—and both need to be secured. People rely on usernames and passwords, but machines use keys and certificates for machine-to-machine communication and authentication. Billions are spent each year securing identity and access management, but virtually all of it is spent securing usernames and passwords, almost none on protecting keys and certificates.

    Unprotected machine identities are lucrative targets for cyber criminals.They use unprotected keys and certificates to eavesdrop on private communications, make phishing sites or malicious code look valid, and hide their nefarious activity in encrypted traffic—getting malware in and sensitive data out.

    In this presentation, we’ll discuss the different types of machines identities and where they proliferate in your network. You’ll see the role and lifecycle of machine identities, and where we’re falling short in protecting them. We’ll then look at where there are current risks as well as where new risks are emerging. We’ll conclude with steps you can take immediately to get these risks under control.

Embed in website or blog