Hi [[ session.user.profile.firstName ]]

Epic CA Fails: How Quickly Can You Restore Trust?

What happens when a certificate authority compromise or error leaves you scrambling to find and replace large numbers of certificates? Many organizations put their skills to the test when Google recently decided they would no longer trust certificates issued by Symantec. With the first set of Symantec distrust deadlines just around the corner, do you know if your organization will be impacted?

But Symantec wasn't the first panic button and it won't be the last. Most security professionals think there will other events like this in the future, but they don't have the technology or information they need to respond quickly. Join our webinar to learn how you can prepare for large-scale certificate security events.

You'll learn why certificates are poorly understood and weakly defended in many enterprise networks. And you'll see survey results that show why a surprising number of IT security professionals are relatively unconcerned about their ability to quickly find and replace groups of certificates.

How does your organization stack up to industry peers? Are you agile enough to find and replace all certificates that chain up to a Symantec root?

Attend this session to learn:
- Which types of CA events can impact your certificates
- Why it's difficult to locate and replace impacted certificates
- Why most organizations aren't ready to react quickly
- Four steps you can take now to build CA agility
Recorded Mar 29 2018 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Mike Dodson, VP WW Customer Security Strategy and Solutions, Venafi
Presentation preview: Epic CA Fails: How Quickly Can You Restore Trust?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Epic CA Fails: How Quickly Can You Restore Trust? Recorded: Mar 29 2018 58 mins
    Mike Dodson, VP WW Customer Security Strategy and Solutions, Venafi
    What happens when a certificate authority compromise or error leaves you scrambling to find and replace large numbers of certificates? Many organizations put their skills to the test when Google recently decided they would no longer trust certificates issued by Symantec. With the first set of Symantec distrust deadlines just around the corner, do you know if your organization will be impacted?

    But Symantec wasn't the first panic button and it won't be the last. Most security professionals think there will other events like this in the future, but they don't have the technology or information they need to respond quickly. Join our webinar to learn how you can prepare for large-scale certificate security events.

    You'll learn why certificates are poorly understood and weakly defended in many enterprise networks. And you'll see survey results that show why a surprising number of IT security professionals are relatively unconcerned about their ability to quickly find and replace groups of certificates.

    How does your organization stack up to industry peers? Are you agile enough to find and replace all certificates that chain up to a Symantec root?

    Attend this session to learn:
    - Which types of CA events can impact your certificates
    - Why it's difficult to locate and replace impacted certificates
    - Why most organizations aren't ready to react quickly
    - Four steps you can take now to build CA agility
  • Financial Services DevOps: Security Awareness Doesn't Equal Protection Recorded: Mar 12 2018 18 mins
    Carl Bourne - Global Solutions Architect, Venafi
    Some financial institutions are falling short in their Development Operations (DevOps) cryptographic security practices. In DevOps, cryptographic security risks are amplified—compromises in development or test environments can easily spread to production systems and applications. A study of the financial services DevOps teams shows they are more aware of security risks and tools than other industries. However, this awareness isn’t being translated into meaningful protection. Learn how your DevOps cryptographic security practices stack up and compare to other industries. Understand how automating and orchestrating certificate acquisition as part of your DevOps environment can help keep your business secure.

    Learn how DevOps cryptographic security practices in the financial industry compare to other industries and understand how automating certificate acquisition can improve security. Join Venafi as we discuss DevOps cryptographic security practices.
  • The Machine Identity Crisis: A Podcast Interview Recorded: Jan 24 2018 19 mins
    Jeff Hudson, CEO, Venafi, and Tom Field, Sr. VP of Editorial, ISMG
    We are amidst a new "machine identity crisis," says Jeff Hudson, CEO of Venafi. And unless we tackle this growing challenge of how to secure machine-to-machine communication, then enterprise IT and security departments are likely to be overwhelmed.

    The core issue is that computer devices and applications are growing faster than the earth's human population, Hudson says. And the challenge of automated communication among these devices is complicated by four factors: mobility, IoT, the cloud, as well as DevOps and fast IT adoption.

    "As an industry, we spend $8 billion a year protecting usernames and passwords - human IDs," Hudson says. "But we're just starting to realize that we need to protect machine IDs in the same way. That's the crisis."

    In this interview with ISMG, Hudson discusses:

    Why the crisis is overlooked;
    How the problem will continue to grow;
    How to assess and mitigate your own enterprise's susceptibility to machine identity compromise.
  • Rise of Machines: Über den Schutz dieser neuen Identitäten (Webcast in German!) Recorded: Jan 10 2018 48 mins
    Jens Sabitzer, CISSP; Georg Gann
    In einem Netzwerk gibt es zwei Aktoren - Menschen und Maschinen.
    Menschen nutzen Usernamen und Passwörter um sich zu identifizieren und
    Zugang zu Maschinen, Apps, Devices uvm. zu erhalten.
    Maschinen wie beispielsweise Services, Applikationen und Cloud-basierte
    Lösungen nutzen Schlüssel und Zertifikate, um sich gegenseitig zu
    identifizieren und authentifizieren. Jedoch schützen wir diese steigende
    Anzahl an Maschinenidentitäten nur unzureichend.
    Unternehmen geben jährlich Milliarden aus um die Sicherheit von Usernamen
    und Passwörter zu gewährleisten, investieren aber kaum etwas, um Schlüssel
    und Zertifikate zu schützen.
    Erfahren Sie mehr über diese neue Sicherheitsbedrohung und die Schritte, die
    Sie vornehmen können, um dieses Sicherheitsrisiko unter Kontrolle zu
    behalten.
  • Remove Security Roadblocks for your DevOps Teams Recorded: Jan 4 2018 53 mins
    Gavin Hil - Director of Threat Intelligence and Carl Bourne, Global Solution Architect
    This webinar will show you where DevOps is being commonly used, and what new risks it will introduce. From there a discussion about how IT security can keep up with the rapid changes that DevOps is bringing to their organization. Finally a wrap up demonstration showing you how you can use Automation to secure Keys and Certificates in a DevoOps environment using Chef and Docker.
  • Rise of the Machines - 2018 Threatscape Recorded: Nov 15 2017 64 mins
    Kevin Bocek, VP, Security Strategy and Threat Intelligence, Venafi
    The number of machines of all types – from containers, to cloud, to IoT – is on the rise. The identities of these machines – SSL/TLS, SSH, and code signing keys and certificates – control encryption, authentication, and code execution; powerful security controls too often left unprotected. Compromise, misuse, and fraud of machine identities are already prime attack vectors for hackers

    As attackers look for ways to evade network monitoring, behavioral analytics and tighter privileged account security controls, they are finding hijacking machine identities to be incredibly effective and lucrative. The stage is set for a dramatic escalation of these attacks in 2018. Are you prepared?

    Attend this session to learn:

    • The top four machine identity attacks targeting your organization in 2018
    • How SSL/TLS, SSH, and code signing keys and certificates are left unprotected
    • Why most organizations are not prepared to defend against them.
    • Three things your organization can do today to protect machine identities and prevent attacks
  • OH SSH IT! Where Are My SSH Keys? Recorded: Oct 11 2017 40 mins
    Paul Turner, CTO, Server Products
    Unused or unmonitored SSH keys grant alarming levels of privileged access. If you are not hyper-vigilant, SSH keys can become vulnerable, and even walk out the door with prior employees—whether maliciously or innocently. When that happens, cyber criminals or malicious insiders can misuse your SSH keys to gain privileged access to your critical systems and data.

    Join fellow information security and system admins, managers, directors, architects, and consultants on this webinar to learn:

    • The biggest risks facing your SSH inventory
    • Strategies for preventing the misuse of SSH keys
    • Five actions that will immediately improve SSH security
  • Strengthening Machine Identity Protection to Automate SSL/TLS Certificates Recorded: Oct 6 2017 45 mins
    Brian Durkin, Senior Systems Engineer, Venafi
    Strengthening Machine Identity Protection to Automate SSL/TLS Certificate Lifecycle - A Combined Venafi and CyberArk Application Identity Manager Solution.
Intelligent Protection for Machine Identities
There are two actors on a network: people and machines. People rely on usernames and passwords to identify themselves and gain access to machines, applications and devices. Machines use digital keys and certificates to authenticate for secure machine-to-machine communication. While organizations spend billions of dollars each year on identity and access management and protecting usernames and passwords, very little is spent on protecting machine identities, which is essential to securing critical systems and data. The Venafi Platform delivers the machine identity intelligence and automation necessary to automatically safeguard the flow of information to trusted machines and prevent communication with untrusted ones—all at machine speed and scale. Venafi protects the largest, most sensitive networks in the world, and our more than 280 customers include 4 of the Top 5 US Banks, 4 of the Top 5 UK Banks, 5 of the Top 5 US Health Insurers and 4 of the Top 5 US Retailers. Venafi solutions help organizations:
- Prevent breaches
- Eliminate outages
- Orchestrate PKI
- Protect SSH access
- Pass compliance audits
- Automate DevOps

Visit www.venafi.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Epic CA Fails: How Quickly Can You Restore Trust?
  • Live at: Mar 29 2018 4:00 pm
  • Presented by: Mike Dodson, VP WW Customer Security Strategy and Solutions, Venafi
  • From:
Your email has been sent.
or close