Hi [[ session.user.profile.firstName ]]

Root Causes Episode 89: PKI's Role in Zero Trust

"Zero Trust" is an IT security philosophy that maximizes protection from threats by tightly controlling access and permissions for every individual, device, and process in the organization's environment. Learn how digital identity and certificates play a key role in operating a secure Zero Trust strategy.
Recorded Jun 7 2021 21 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
Presentation preview: Root Causes Episode 89: PKI's Role in Zero Trust

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Root Causes Episode 135: The Heartbleed Vulnerability Recorded: Aug 2 2021 25 mins
    Tim Callan, CCO at Sectigo, Jason Soroko, CTO of PKI at Sectigo, & Nick France, CTO of SSL at Sectigo
    In April 2014 a software vulnerability called Heartbleed was discovered in OpenSSL. Heartbleed made it possible for attackers to send commands to web servers and steal their private keys. Certificate subscribers around the world had to scramble to patch their servers and replace certificates by the millions. Guest Nick France joins us to explain this vulnerability, its consequences, and whether or not a Heartbleed-like vulnerability could occur today.
  • Root Causes Episode 132: Examining MFA Through Soft Tokens Recorded: Jul 30 2021 17 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    In our ongoing examination of MFA, our hosts examine authentication through soft-token OTP (one-time passcode). They go over the potential benefits and pitfalls of soft tokens, and compare them to SMS tokens and hard tokens.
  • Root Causes Episode 130: How to Get Rid of Password Breaches Recorded: Jul 29 2021 16 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Massive password breeches have been so repeatedly prevalent for so many years that as an industry and a society we've just started to accept them as a fact of life. In this episode we discuss the weaknesses of passwords as a strategy and why they nonetheless are so common even today. We describe the roadmap for eventually weeding out passwords from most systems.
  • Root Causes Episode 129: Examining MFA Through Hard Tokens Recorded: Jul 26 2021 16 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Hard tokens are one of the oldest multi-factor authentication (MFA) form factors there is, and still in use today. In the latest in our series of explorations of MFA strategies, we examine the strengths and weaknesses of hard tokens as an MFA strategy.
  • Root Causes Episode 128: What is Total Certificate Agility? Recorded: Jul 23 2021 15 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    First we had crypto agility, which is how we ensure our cryptography stays current with the needs of security. Expanding on this concept, industry leaders are now looking at certificate agility, which is building our systems so that all certificates are known, current, and immediately replaceable. Our hosts explain certificate agility, why it's important, and what you need to do to achieve it.
  • Applying the best Zero Trust principles to modern network architecture Recorded: Jul 22 2021 48 mins
    Tim Callan, Chief Compliance Officer at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Recent cyberattacks have shown that security perimeters are not unbreachable and that all network connections, both inside and outside the enterprise, should be considered potentially hostile. Tim Callan and Jason Soroko explain how Sectigo views the Zero Trust Network Architecture and how certificate-based authentication is essential to implementing the secure enterprise of today and tomorrow.
  • Root Causes Episode 126: IoT Ransomware Recorded: Jul 21 2021 19 mins
    Tim Callan, CCO at Sectigo, Jason Soroko, CTO of PKI at Sectigo, & Alan Grau, VP of IoT and Embedded Security at Sectigo.
    New research shows how ransomware attacks could be launched against IoT devices. Our hosts are joined by Alan Grau to understand these attacks and what can be done to defend against them, including technical controls such as strong identity and embedded firewalls.
  • Root Causes Episode 125: Digital Identity Versus IAM Recorded: Jul 19 2021 12 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Digital certificates and PKI provide digital identity and access. Identity and Access Management (IAM) is a huge technology category featuring major players like Okta, DUO, and Ping Identity. And despite the fact that they feature a lot of the same words in their descriptions, these two categories are entirely different spaces that do entirely different things. In this episode we explain the difference between digital identity certificates and IAM platforms and how they fit in together.
  • Root Causes Episode 124: Biometric MFA Recorded: Jul 16 2021 11 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    As part of our ongoing series on the pros and cons of various forms of multi-factor authentication (MFA) in this episode we explore biometrics. Our hosts discuss their strengths and weaknesses and the idea that biometrics are more about proof of possession than identity authentication.
  • Root Causes Episode 123: Asymmetric Versus Symmetric Encryption Recorded: Jul 14 2021 22 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    One of the cornerstones of the success of PKI and digital certificates is their dependence on an asymmetric encryption model. In this episode our hosts explain the difference between asymmetric and symmetric secrets and how they fit into encryption.
  • Root Causes Episode 121: What is a Hardware Security Module Recorded: Jul 9 2021 15 mins
    Tim Callan, CCO at Sectigo, Jason Soroko, CTO of PKI at Sectigo, & Alan Grau, VP of IoT and Embedded Security at Sectigo.
    A Hardware Security Module, or HSM, is a piece of hardware that securely stores secret material such as cryptographic keys. Join our hosts as they explain terms like HSM, Trusted Platform Module (TPM), Secure Enclave, TrustZone, and Hardware Secure Element (SE).
  • Root Causes Episode 120: PKI and SASE Recorded: Jul 7 2021 20 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    SASE (Secure Access Service Edge) is a new term to describe the complexity of authenticating access across today's diverse and heterogeneous computing environments. Join our hosts as they discuss the role of digital identity and certificates in this paradigm.
  • Root Causes Episode 119: What is Crypto Agility? Recorded: Jul 2 2021 19 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Security industry insiders sometimes use the phrase "crypto agility." In this episode our hosts define crypto agility - or cryptographic agility. They explain why crypto agility is more important than ever, why the pace of cryptographic change is going up, and what certificate subscribers can do to improve their crypto agility.
  • Root Causes Episode 118: Quantum Apocalypse - What is a Hybrid Certificate? Recorded: Jun 30 2021 24 mins
    Tim Callan, CCO at Sectigo, Jason Soroko, CTO of PKI at Sectigo, & Alan Grau, VP of IoT and Embedded Security at Sectigo.
    As part of its quantum safe initiative, Sectigo is now offering its Quantum Safe Kit, which enables the creation of hybrid TLS certificates. In this episode our hosts are joined by guest Alan Grau to explain what hybrid certificates are, how they are essential to transitioning to quantum-safe crypto, and the ways enterprises can begin using them today.
  • The Four Pillars of Certificate Automation Recorded: Jun 30 2021 52 mins
    Tim Callan, Chief Compliance Officer at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    The more automated your approach to Digital Identity across the enterprise, the better off you are. Think about the risk of an outage if a certificate expires or if certificates are unknowingly deployed in your environment. How quickly can you swap out all of your certificates due to an unplanned or strategic event? Those are just a few examples, but you get the point! We cannot underestimate the impact of not using automation in identity management, especially as certificate lifespans are now becoming shorter and shorter, and quantum computing is looming on the horizon
  • Root Causes Episode 114: Is Quantum Computing a Threat to SHA-2? Recorded: Jun 28 2021 12 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Quantum computers' threat to standardized encryption algorithms RSA and ECC has been much discussed. But what about our hashing algorithms? Do quantum computers pose a similar threat to SHA-2? Join our hosts as they discuss the difference between Shor's Algorithms and Grover's Algorithm, which applies to each part of cryptography, and how significant quantum computing will be for each.
  • Root Causes Episode 113: What is Certificate Pinning Recorded: Jun 25 2021 18 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Certificate pinning is the practice of coding software to demand the presence of a specific certificate brand or root in order to function correctly. Though once considered a legitimate security option, certificate pinning is widely discredited because it carries unacceptable certificate agility costs. Join our hosts as they explain what certificate pinning is, how it came about, and why nearly all developers should avoid certificate pinning today.
  • Root Causes Episode 110: Single-domain, Multi-domain, and Wildcard SSL Certs Recorded: Jun 23 2021 24 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    When you obtain an SSL certificate, you can choose between single-domain, multi-domain, and wildcard certificates. Join our hosts as they explain the different domain spaces available with TLS certificates and the pros and cons of each approach.
  • Root Causes Episode 109: Examining MFA Through Phone-based SMS Recorded: Jun 21 2021 16 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    SMS-based one time password (OTP) is a very commonly used form of multi-factor authentication (MFA). That's because it's fast and inexpensive to roll out to users. Unfortunately it is deeply vulnerable to a set of well-defined attacks. In this episode our hosts explain why SMS MFA became so popular and how this outdated MFA scheme fails to provide the security expected by those who use it.
  • Root Causes Episode 108: Why do Certificates Expire? Recorded: Jun 18 2021 20 mins
    Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
    Root expirations occasionally make headlines by breaking systems, but it's a fact that certificates are expiring every day, each a potential outage waiting to happen. So why do certificates expire in the first place? Join our hosts as they discuss the reasons for expiration, its advantages over other mechanisms like revocation, and the right amount of time for a certificate to last.
PKI and Security webinars for IT professionals
We are the world's largest commercial SSL Certificate Authority. Our webinars are specially designed to help you protect your online business, connected devices, applications, and digital identities.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Root Causes Episode 89: PKI's Role in Zero Trust
  • Live at: Jun 7 2021 3:30 pm
  • Presented by: Tim Callan, Senior Fellow at Sectigo & Jason Soroko, CTO of PKI at Sectigo
  • From:
Your email has been sent.
or close