Name: Secure Code Signing in the Software Supply Chain
Start: 2021-04-21T17:00:00Z
End: 2021-04-21T17:00:27.000Z
Location: BrightTALK
Rating: 0

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security. 

The adoption of cloud, AI, and connected devices has blurred the boundaries of trust. The just-released 2024  PKI and Digital Trust report reveals that, as organizations embrace connectivity to drive efficiency and innovation, IT and security teams are struggling to keep pace. 

Public key infrastructure (PKI) is the key to helping them stay one step ahead, defining who and what is trusted. PKI was once "the server in the closet that spits out certificates,” but times have changed. Now, only 2% of organizations are satisfied with their current PKI deployment.

This year’s report signals that PKI is critical infrastructure for organizations to establish digital trust across increasingly complex and hyper-connected environments. Yet, 72% of organizations say that PKI and machine identity management present serious problems, resulting in disruptive system outages, security incidents, and audit failures.

Join Chris Hickman, Chief Security Officer, as he discusses key insights and takeaways from the report, including: 

- The role of PKI and machine IDs in modern IT

- Key risks and challenges in managing PKI

- Top threats and trends

- And the state of quantum-readiness 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

Key Takeaways from the 2024 PKI & Digital Trust  Report

Join Duncan Jones, Head of Cybersecurity, Quantinuum and Ted Shorter, CTO, Keyfactor as they discuss how a partnership is strengthening public key infrastructure by combining EJBCA with quantum-enhanced entropy from Quantum Origin to provide the strongest foundation for digital infrastructures. 

They will discuss what and how you can start testing PQC today, even before the final standards are released, because once they are, boards and C-level executives will be asking you for your plan.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

It Takes a Village:  PQC Requires Partnership

With the upcoming NIST algorithm finalizations expected within months, organizations need to get their cryptographic hygiene in order. The first to be impacted by new compliance regulations are PKI, TLS, Code Signing, and IoT.  Learn how to build a plan for inventory discovery, assessment, stakeholder buy-in, budgeting, and project timelines. Join both Chris Hickman, CSO (Keyfactor) and Blair Canavan, Director Alliances (Thales) during this pragmatic readiness webinar.
 
Topics include:
How 2024 NIST finalizations impact organizations
Ensuring stakeholder support and budgets
Cryptographic discovery heat-mapping and remediation
Building a project roadmap with priorities, timeframes, and budgets

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

NIST is Coming for your Algorithms!  Ready or Not, Here They Come

Join David Hook, VP of Software Engineering, Bouncy Castle, as he shares insights on the state of post-quantum cryptography and the how security practitioners can prepare today for the approaching change. 
 
David will discuss:  
- The urgency behind post-quantum cryptography. 
- His outlook on the imminent shift towards post-quantum cryptography and its implications for cybersecurity
- Strategies to fortify cryptographic infrastructure, emphasizing algorithmic agility and transition planning.  
- Risk assessment methodologies and deployment strategies, empowering you to safeguard sensitive data in the quantum era. 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

The Great PQC Migration: A Flight to Safety

Join us for a webinar diving deep into the critical role of SSL/TLS certificates in safeguarding sensitive data amidst the dynamic cybersecurity landscape, especially within the industrial sector's digital transformation. Learn how these certificates form the bedrock of secure connections, ensuring the confidentiality of online information.

During this live webinar with experts Andreas Philipp and Florian Handke, we will explore:
• The implications of certificate failures
• Strategies for mitigating certificate outages
• Resolving challenges with self-signed certificates

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

How to avoid certificate outages in industrial application

Embark on an insightful journey through the dense compliance jungle, where our expert industry panel—in the field of risk assessment and data protection—will provide actionable takeaways to empower you to thrive in the challenging regulatory terrain.
 
Join seasoned navigators from Keyfactor, Thales and CRYPTAS as they discuss common IT security challenges and share strategies to enable you to carve a secure path to NIS2, DORA, GDPR, ISO, and TISAX compliance. Get practical advice on how cryptography can fundamentally enhance preventive measures for authenticity and confidentiality.
 
Key takeaways:
- Uncover Regulatory Species: Decode the unique characteristics of NIS2, DORA, GDPR, ISO, and TISAX.
- Survival Tactics: Learn practical strategies to master your next security audit with confidence.
- Shielding Strategies: Acquire actionable techniques to fortify your organisation against compliance challenges.
- Risk Safari: Understand how compliance is your compass in the wild, mitigating the potential business risk of failed audits.
- Interactive Exploration: Engage in a live Q&A, where your queries become the talking points for the experts.

So, if you’re a security leader looking to equip yourself with the tools of knowledge to navigate the compliance jungle with ease, look no further. 

Register now!

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn (1) CPE credit by viewing this webinar.

Speakers:  Stefan Bumerl, CEO and Founder, CRYPTAS Internet Security GmbH; Admir Abdurahmanovic, SVP Strategy,Keyfactor; Romain Deslorieux, Strategic Partners Director, Global System Integrators, Thales

Navigating the Compliance Jungle: Interactive Panel with Cybersecurity Experts

So, it’s time to re-build your PKI. Maybe your root CA is about to expire or your HSM is near end of life. You may be rolling out a new project, or maybe it’s just that your current PKI isn’t up to par. In any case, there’s a lot to consider. With so many tools, technologies, and protocols, it’s hard to know where to start. 

 

In this final episode, we will discuss the different paths to modernizing PKI, including: 

• Key considerations when rebuilding PKI or migrating PKI to the cloud 

• Understanding new use cases, protocols, and PKI practices 

• Finding the right technology fit for your unique requirements 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Finding the path to PKI bliss (hint, it’s not ADCS)

Originally released in the early 2000s, Active Directory Certificate Services (ADCS), aka Microsoft PKI, is still widely used by organizations. However, what was once the ‘safe’ choice (or the only choice) then has become one of the biggest vulnerabilities in organizations’ infrastructure today. 

In this episode, we’ll discuss: 

• Top 5 security risks and operational limitations of Microsoft ADCS 

• Common misconfigurations and pitfalls 

• Lessons learned from the field (and how to avoid them) 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

5 things you should know about Microsoft PKI

Now is the time to think about the implications that industry standards and regulations will have in regard to impacting product development and your business growth.
Join us as we look into shaping of the future of IoT security and addressing crucial budgetary and liability challenges.
Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Shaping Tomorrow's IoT: Navigating Standards, Innovation, and Security

The landscape of cybersecurity for IoT and connected devices is constantly changing. Get insight into the rising tide of cyber attacks, their multiple avenues, and the consequential financial and reputational impacts on organizations, as well as effective security measures.

Join us in this episode, as we navigate the challenges, and learn from real-world experiences to secure you against cyber threats.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Safeguarding Operators & User Organizations in the IoT Era

Get insight into the challenges faced by OEM organizations in securing IoT and connected devices. In this episode will focus on the methods used for device security, the impact of industry standards, and the critical role of continued support throughout a product lifecycle. 

Join us as we look into how to strengthen connected products against ever-evolving cyber threats.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Securing IoT: Inside the World of OEM Challenges & Solutions

There is a delicate balance between security compliance and complacency in the world of IoT and connected devices.

Join us for this update, where we will unmask the challenges of assuming protection and the urgent need for improvements as companies deal with vulnerabilities.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Unlocking IoT Security: Navigating Compliance vs. Vulnerability

Organizations are realizing that there is an increased need for improvement when it comes to the security of IoT/connected products, so what can be done? 

In episode one of the five-part series, we will review the key findings from the ‘Navigating the State of IoT’ report.

Tune in for the highlights as we unpack the future of IoT protection!

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Key Findings from Navigating the State of IoT Security Report

Are you and your company facing the challenges of the digitalization process? Are you expanding your existing product range with cloud-based offerings? Cyber security should be a top priority for your industrial company, not only because of the increasing threat of cyber-attacks but also because compliance with security regulations such as NIS2 is more important than ever. 

During this live webinar, we will walk through how certificate management and public key infrastructure provides you with an essential building block for implementing and complying with cybersecurity regulations. 

Watch this session to gain insight into PKI and certificate management as a foundation for your company’s cybersecurity. 
 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

PKI and Certificates for Industrial IoT: What They Are and Why You Need Them

PKI is undoubtedly critical to protect your organization’s infrastructure. It provides a reliable means to control access and securely connect devices, workloads, and people at scale. However, new use cases, vulnerability exploits, software end-of-life, and future risks posed by quantum technology are forcing organizations to rethink their strategy. 

In this episode, Chris Hickman will discuss: 

• How the role of PKI has evolved since the release of ADCS in the early 2000s 

• 4 common scenarios that push PKI to its breaking point 

• How to decide if and when you need to consider replacing or migrating your PKI 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Is it time to replace your Microsoft PKI? 4 key considerations

More devices. More workloads. More transactions. Digital trust has never been so vital—or so complex. Effective PKI is fundamental to ensuring digital trust and building a robust cybersecurity strategy for your organization. 

In this webinar, Tomas Gustavsson, Chief PKI Officer at Keyfactor, joins Thales’ Craig Read, Head of Research and Engineering Ebbw Vale, to share valuable insights into successfully implementing PKI. 

Agenda 

• What is PKI, and why should you care? 

• How does PKI implementation fail, and what can be done to ensure success? 

• How Thales and Keyfactor can help your organizations gain unmatched agility, control, and scalability with your PKI implementation. 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn (1) CPE credit by viewing this webinar.

How to successfully implement PKI

The Keyfactor team recently joined attendees at the IIoT World ICS Cybersecurity Day. During the event, our IoT team shared their insights into how manufacturers can implement identity-first security to protect their products.

In this webinar, catch up with the insights shared, including: 
• Evolving attack vectors, emerging defense strategies, and best practices to fortify industrial control systems. 
• How identity-first security enables authentication, encryption, and system integrity for connected sensors, applications, and machines.
• Why secure data exchange between factory equipment and control systems is essential in order to securely maintain the factory of today and tomorrow.  

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn 1 CPE credit by viewing this webinar.

Securing Industrial Assets with X.509 Certificates

Node-RED is a popular open-source visual programming tool for wiring together devices, APIs, and online services. It is often used in industrial settings to facilitate the development of IoT (Internet of Things) applications, automate processes, and monitor equipment. Especially when it comes to issuing and managing certificates and device identities, processes are an essential part. Here Node-RED can support with its basic functionality. 
 
Join IoT experts Andreas Philipp, Keyfactor and Florian Handke, Campus Schwarzwald, for this live webinar to discover:
• An introduction to Node-RED and the benefits of the tool for IoT manufacturers 
• How public key infrastructure (PKI) and certificate management aligns with Node-RED
• Where Keyfactor EJBCA integrates into Node-RED and the opportunities to automate workflows

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

How to use Node-RED to manage certificates

If you’re developing software, deploying over the air (OTA) firmware updates, or spinning up containers, you know the importance of code signing as a security best practice. 

Code signing is more important and more complex than ever. Faster releases, entirely remote teams, and complex supply chains make manual, hardware-based solutions ineffective. So how do you protect signing keys and simplify the signing process? 

Join Eric Mizell, VP of Solution Engineering, and Ryan Sanders, Sr. Product Marketing Manager, for a live demo and discussion of how Keyfactor Code Assure enables fast and secure signing. 

In this 30-minute session, we’ll cover:  

-Known risks and complexities in code signing 
-Use cases: Traditional, DevOps and CI/CD, and IoT manufacturing 
-A live demo of the Keyfactor Code Assure platform

Secure Code Signing in the Software Supply Chain

CICD

DevOps

DevSecOps

firmware

code signing

Cyber Security

IT Security

Digital Identity

IoT Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Secure Code Signing in the Software Supply Chain

Presented by

About this talk

More from this channel