Name: Root Causes Episode 24: Certificate Revocation
Start: 2021-03-05T14:15:00Z
End: 2021-03-05T14:30:28.000Z
Location: BrightTALK
Rating: 0

We are the world's largest commercial SSL Certificate Authority. Our webinars are specially designed to help you protect your online business, connected devices, applications, and digital identities.

The recent announcement of NIST’s third round selections for post-quantum encryption algorithms is a major milestone in the journey to quantum-safe computing systems. But while this announcement marks the end of one chapter, another is only beginning. Now standards bodies, hardware and software manufacturers, and ultimately businesses across the globe will have to implement new cryptography across all aspects of their computing systems. Until we have upgraded cryptography everywhere, our digital operations remain insecure. 

Join Sectigo's Chief Compliance Officer Tim Callan and CTO Jason Soroko to learn:
- Who the 4 NIST winners are and what their respective algorithms are for
- Why cryptoagility matters now more than ever before
- What practical steps your organization needs to take to prepare for quantum-resistant encryption

Preparing for Post-Quantum Security

We need Trust, not "Zero Trust"! From Cybersecurity, Digital Identity, to the Metaverse; Digital Trust underpins it all. Zero Trust is a great concept, but it is only the first step in the journey to secure digital identities. 

In this session David Mahdi focuses on:
- The strategic notion of Zero Trust, and what it means in a world that needs Digital Trust. 
- The definition of Identity-First and Perimeter-Less Security, a Gartner Top Security trend, with Zero Trust network architecture in mind. 
- The importance of Identity-First Security and establishing Digital Trust for human and machine identities.

We’re So Done With Zero Trust! Why You Need to Focus on Digital Trust

Increasing cybersecurity concerns require enhanced control over administration, and certificate-based SSH delivers substantial improvements to the SSH community. In this webinar, Tim and Jason discuss how certificate lifecycle management for SSH offers organizations significant cost-savings along with increased fine-grained controls over IT server administration.

Certificate Lifecycle Management for SSH

Talking about cybersecurity tends to be all doom and gloom, but it shouldn't be. There is a lot to be positive about. In this webinar, Tim Callan and Jason Soroko discuss five positive security trends that we'd like to see continue into 2022, and more specifically how security technologies are moving from endpoints to core enterprise security.

5 Positive Security Trends for 2022

A VPN is not a security tool! It's in the name. This is just one of the many security misconceptions that people still continue to believe in 2022. There is a lot of misinformation surrounding information security and it only makes our jobs harder when protecting sensitive data. In this webinar, Sectigo’s Jason Soroko and Greg Mooney discuss the top security fallacies and some tips on ways to avoid them.

15 Security Fallacies We Still Commit in 2022

The volume of certificates used to secure human and machine identities is growing exponentially. Businesses face new management challenges that can't be solved with legacy CA models or outdated on-premises solutions. Sectigo solves this challenge by introducing a new universal platform to automate the lifecycle management for all certificates issued by Sectigo and other public and private CAs used across the enterprise. It's modern PKI for the modern enterprise. Join Tim Callan and Jason Soroko as they unveil the new CA agnostic capabilities in Certificate Manager, Sectigo's flagship certificate management platform.

CA Agnostic Certificate Lifecycle Management for the Modern Enterprise

Certificate Lifecycle Management (CLM) platforms can deal with certificates from a number of sources. A CLM that can provision certificates of all types from all CAs, private and public, would be described as "CA agnostic." In this episode we explain this idea and its significance along with the key criteria for choosing a CA agnostic CLM platform.

Root Causes Episode 189: What is CA Agnostic

Malware and other web site attacks are a frequent problem for small businesses and can result in reputational damage and site access being blocked or hindered by end user software and services. We are joined by web site protection expert JP Armenta, who explains how these attacks occur, their effects, and how site operators can protect themselves.

Root Causes 188: Introduction to Web Security

Apple recently announced that it would be limiting the allowable term for public S/MIME certificates to 825 days. Our hosts explain the implications of this declaration.

Root Causes Episode 187: Apple Limits Term for SMIME Certificates

In this episode our hosts explain how an esoteric digital signature error rendered a 3 billion Euro manufacturing contract with the Austrian government invalid.

Root Causes Episode 186: Digital Signature SNAFU Costs Swiss Company Billions

The root certificates of the EU's Covid Passport program have suffered a private key compromise and counterfeit passports are now for sale on the black market. We explain the implications of this shocking revelation.

Root Causes Episode 185: EU Covid Passport Root Key Stolen

Recent cyber threats like the PetitPotam relay attack on Microsoft, the SolarWinds supply chain compromise, and countless others have put a bright spotlight on the age-old debate: Is the cloud as secure as an on-premise infrastructure? As enterprises are targeted with increasingly sophisticated on-premise breaches – despite firewalls and other roadblocks – it is clear data center proximity does not equal impenetrable protection. Tim Callan and Jason Soroko explain the benefits of a cloud-based approach to security and why certificate-based authentication between all systems is critical to securing enterprises today and tomorrow.

Cloud or On-Premise: Updating Assumptions on Secure Certificate Management

Recent research reveals that certificate misconfiguration in a commonly used college WiFi platform that can lead to exposure and theft of users' login credentials. Our hosts discuss WiFi authentication and the EAP protocol and explain how this vulnerability occurs.

Root Causes Episode 184: Popular College Wifi Vulnerability Revealed

At this year's BlackHat, a talk and white paper detailed the threat of MSCA root key attacks, which can be used to create unauthorized certificates. This release includes a pair of offensive toolkits and a defensive toolkit. We explain the importance of this release and provide a clear action list for IT professionals in charge of Microsoft CA.

Root Causes 183: New MSCA Attack Toolkits

Let's Encrypt's recent root expiration caused widespread service outages and other hassles for online services and sites. Our hosts discuss this expiration, why so many problems resulted, and the recipe for avoiding these problems in the future.

Root Causes Episode 182: Let's Encrypt Root Expiration

Recent cyberattacks have shown that security perimeters are not unbreachable and that all network connections, both inside and outside the enterprise, should be considered potentially hostile. Tim Callan and Jason Soroko explain how Sectigo views the Zero Trust Network Architecture and how certificate-based authentication is essential to implementing the secure enterprise of today and tomorrow.

Applying the best Zero Trust principles to modern network architecture

This December will see a meaningful change in how CAs are allowed to conduct Domain Control Validation (DCV) using the method known as https token or file authentication or agreed up on change to web site. This method will be removed as an option for "domain spaces" including wildcards and subdomains. Join our hosts as they explain how DCV works and how the rules are changing and why. And we clarify the available options for those changing their preferred DCV methods.

Root Causes Episode 181: Limitation of DVC Through Website Changes

The PetitPotam attack against Microsoft CA has garnered a lot of attention. Our hosts describe this attack and define related terms like Mimikatz, pass-the-hash, and NTLM Relay. The episode goes on to give a roadmap for mitigating this attack , including free resources available to help defend against PetitPotam.

Root Causes Episode 180: PetitPotam MSCA Attack

Occasional certificate revocation is an essential part of the digital certificate lifecycle and any secure PKI scheme. Not only do certificate owners need the revoke their own certificates, but also CAs sometimes need to revoke certificates to keep trust high. Join our hosts as they discuss the whys and wherefores of revocation by the CA, especially as it relates to code signing and malware.

Root Causes Episode 24: Certificate Revocation

Encryption

Cyber Security

Malware

Cyber Attacks

Digital Identity

Identity Management

Certification

Automation

Authentication

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Root Causes Episode 24: Certificate Revocation

Presented by

About this talk

More from this channel