Hi [[ session.user.profile.firstName ]]

PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations

Microsoft Active Directory (AD) PKI is widely used by enterprises today, yet it has largely flown under the radar of attackers and defenders – until now. Recent research by SpecterOps reveals common user misconfigurations in AD CS that, if left unchecked, create serious security blindspots that attackers can abuse for credential theft, domain escalation, and persistence.

Join leading Red Team & PKI Experts from SpecterOps and Keyfactor as they discuss the findings of the report, “Certified Pre-Owned: Abusing Active Directory Certificate Services.”

In this discussion, they’ll cover:

-What AD CS is and how it works
-Common AD CS misconfigurations
-PKI architecture and implementation flaws
-Defensive advice and best practices to mitigate attacks
Recorded Aug 17 2021 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ted Shorter, CTO, Chris Hickman, CSO, Lee Christensen, Technical Architect, & Will Schroeder, Technical Architect
Presentation preview: PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Machine ID Management vs. Digital Transformation: Building a Secure Future Oct 21 2021 2:00 pm UTC 75 mins
    Benjamin David
    Machines already outnumber the humans on your network, which means every machine needs a trusted identity. Consider IoT devices, mobile devices and software-defined workloads and applications – trusted identity for each and every machine is critical.

    As zero-trust and multi-cloud architecture become the norm, the role of machine identities in enterprise IAM (identity and access management) has reached critical importance – each needing to be managed and protected. The stakes are high, and keeping ahead of outages, key theft or misuse and internal and regulatory audits is a serious challenge.

    In this webinar, our panel will discuss:
    · The use (and misuse) of machine identities in organizations today
    · Implications of machine IDs on data privacy and protection
    · Strategies and recommendations to manage machine identities
    · How to operationalize your strategy with a Crypto Center of Excellence (CCoE)
  • How To Stay Ahead of Digital Identity and Security Trends Oct 7 2021 5:00 pm UTC 60 mins
    Daniel Goldfeld, Perimeter 81, VP Customer Success & Ryan Yackel, Keyfactor, VP of Product Marketing
    To help celebrate Cybersecurity Month, Keyfactor and Perimeter 81 are seeking to make it easier for businesses to understand how to stay ahead of digital identity and security trends.

    The digital world is moving faster and faster, powered by automation, powerful connectivity, and smart technology, purpose-built to make life easier. However, as the world becomes more connected, efficient, and intelligent, new challenges emerge for how to remain secure. In this new era of digital security, organizations must be vigilant and proactive when protecting critical resources, data, and digital identities. But most available services are unable to provide a robust security solution with the ability to scale quickly without disturbing operations or the bottom line.

    How do businesses and organizations secure, scale, and manage their digital business security and identities?

    In this webinar, Keyfactor, a leader in PKI as-a-Service and machine identity management, partners with Perimeter 81, a leader in zero trust network security, for an exciting new digital security discussion. Daniel Goldfeld, VP of Customer Success of Perimeter 81, and Ryan Yackel, VP of Product Marketing of Keyfactor, come together to share how businesses can overcome their challenges with scale, and complexity for safer business and enterprise security.

    What will they discuss?
    - The State of Digital Identity and Security Trends
    - Machine Identity Management
    - Zero Trust Technology for The Modern Business
  • IoT Lifecycle: Securely Capturing the Power of Connectivity Oct 6 2021 3:00 pm UTC 93 mins
    Ellen Boehm, VP of IoT Strategy & Operations and Blake Wood, Director of Alliances
    Today, IoT solves pressing business problems across many industries. Early adopters of this technology—such as healthcare, smart cities, building management, utilities, transportation, and manufacturing—are attesting to its many benefits. These systems are built for longevity and scale through integration with the cloud. This expanded perimeter can create a large and lasting attack surface. It is therefore critical to ensure that security is embraced within each step of an IoT lifecycle.

    In this Remote Session webcast, Blake Wood, Director of Alliances at Thales, and Ellen Boehm, VP of IoT Strategy and Operations at Keyfactor, will walk you through a comprehensive framework for a scalable IoT lifecycle and discuss the importance that Zero Trust, PKI, and signing play in securing this process.

    Originally presented as a SecureWorld Remote Session.
  • New Strategies for Managing Machine Identities Recorded: Sep 16 2021 60 mins
    Danny Bradbury
    Machine identities are everywhere. From cloud services, containers, and applications, to the code running on them, every machine needs a trusted identity.

    But with the rapid increase in machine identities, many security and infrastructure teams are left with an uneasy feeling of not being in control. The stakes are high – keeping ahead of certificate outages, key theft or misuse, and audits is a constant challenge.

    The result? 88% of organizations still experience serious outages due to expired certificates. Another 89% of organizations experienced at least three failed audits due to insufficient key management.
    In this webinar, you’ll learn:
    • Why crypto-agility emerged as a top priority for organizations
    • Key risks and challenges in managing machine identities
    • How to build a case for prioritizing machine identity and reduce risk of unmanaged machine identities
    • Steps for building a Crypto Center of Excellence (CCoE)
  • Managing PKI in Hybrid and Multi Cloud Environments Recorded: Sep 2 2021 61 mins
    Shian Sung, Director of Solutions Engineering and Ryan Sanders, Sr. Product Marketing Manager
    PKI isn't what it used to be. Today, enterprises need to support multiple public and private CAs to match the unique demands of various use cases, trust requirements, and hybrid cloud environments.

    With this transition comes the need to manage thousands of machine identities and short-lived certificates at hyper-scale across any CA, on-premises or in the cloud. Many PKI and security teams struggle to find a balance between agility and control, as they're forced to adapt to this new reality.

    In this discussion and demo, Shian Sung, Director of Solutions Engineering, and Ryan Sanders, Sr. Product Marketing Manager, will share insights into how PKI deployments have evolved and what your team can do to consolidate visibility and governance in hybrid and multi-cloud environments.

    What we will cover:

    -Key considerations for PKI deployments on-premises and in the cloud
    -Common risks and challenges we see in real-world customer environments
    -How requirements differ between public, private and cloud-native CAs
    -How to adopt a modern, multi-cloud PKI strategy
  • PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations Recorded: Aug 17 2021 46 mins
    Ted Shorter, CTO, Chris Hickman, CSO, Lee Christensen, Technical Architect, & Will Schroeder, Technical Architect
    Microsoft Active Directory (AD) PKI is widely used by enterprises today, yet it has largely flown under the radar of attackers and defenders – until now. Recent research by SpecterOps reveals common user misconfigurations in AD CS that, if left unchecked, create serious security blindspots that attackers can abuse for credential theft, domain escalation, and persistence.

    Join leading Red Team & PKI Experts from SpecterOps and Keyfactor as they discuss the findings of the report, “Certified Pre-Owned: Abusing Active Directory Certificate Services.”

    In this discussion, they’ll cover:

    -What AD CS is and how it works
    -Common AD CS misconfigurations
    -PKI architecture and implementation flaws
    -Defensive advice and best practices to mitigate attacks
  • Preparing for Crypto-Agility: The Top 10 PKI Metrics You Should Care About Recorded: Aug 12 2021 45 mins
    Sami Van Vliet, Principal Product Manager and Ryan Yackel, VP of Product Marketing
    Are your PKI operations running as smooth as butter? If your answer is no, then this webinar is just what you need to learn how to accurately analyze the health of your crypto-agility readiness.

    Most organizations aren’t aware of how many certificates and keys they have under management, or worse, not under control. Without an accurate inventory, organizations will experience more outages and have a greater risk of an attack or failed audit. But, getting an inventory is just the tip of the iceberg when it comes to the PKI and certificate management reporting metrics that matter.

    Join Sami Van Vliet, Principal Technical Product Manager, and Ryan Yackel, VP of Product Marketing, as they share practical advice for tracking your machine identities.

    You’ll learn:

    -Why identifying key metrics is important to your PKI operations running smoothly
    -What metrics are worth tracking when it comes to machine identity management
    -How to create a baseline for must-have metrics
  • How PKI, Crypto and Machines make the Digital World Go Round Recorded: Aug 5 2021 60 mins
    David Mahdi - VP, Analyst, Security & Privacy at Gartner
    Cryptography is now critical infrastructure for digital business as it is the foundation for digital trust. As the world digitally transforms non-human or machines will rise to conduct and transact critical elements of business and society. Yet, all of this hinges on PKI, and cryptography; and it must be orchestrated, managed and automated. For years, many security leaders have struggled to manage all the mission critical systems that rely on cryptography. And with new use cases such as cloud, DevOps, and RPA, the situation is further complicated making life even more difficult for security and IT leaders. Join this session to learn how and why cryptography is now critical infrastructure.
  • Scaling PKI in the Cloud with Keyfactor & Google CA Service Recorded: Jul 27 2021 28 mins
    Gary Noe, Sr. Intergration Engineer and Ryan Sanders, Sr. Product Marketing Manager
    Google Cloud’s Certificate Authority Service makes it easy for DevOps and Infrastructure teams to rapidly issue certificates into the cloud, without the complex PKI setup. However, the next challenge becomes how to manage these certificates at massive scale.

    Keyfactor integrates directly with Google CA Service to provide real-time inventory, monitoring, and automated workflows for every certificate. That means your teams can be more productive, avoid preventable outages, and streamline PKI management as you scale up.

    Join Gary Noe, Sr. Integrations Engineer, and Ryan Sanders, Sr. Product Marketing Manager, for a 30-minute discussion and live demo of the Keyfactor CA Gateway for Google CA Service.

    In this webinar, we’ll cover:

    -The challenges of managing CAs in hybrid and multi-cloud environments
    -How to leverage Keyfactor and Google for highly scalable, hybrid PKI
    -A live demo with Google Cloud CAS and Google Cloud Load Balancer
  • Securing Devices with Cloud PKI: Your Questions Answered by IoT Security Experts Recorded: Jul 20 2021 33 mins
    Ellen Boehm, VP of IoT Strategy & Operations and Damon Kachur, Senior Director
    The Internet of Things (IoT) is transforming the world we live in at a rapid rate – and it isn’t slowing down. Billions of network-connected devices are deployed into mission-critical environments such as medical devices, industrial and manufacturing control systems, and built-in vehicle sensors.  

    As more stringent customer requirements emerge and the regulatory landscape evolves, manufacturers must address security concerns like authentication, data encryption, and integrity of software and firmware on their devices. Ensuring that IoT solutions meet these key requirements is not only critical for today’s threats, but also for future product and security lifecycle challenges.  

    With the emergence and continued growth of IoT, Public Key Infrastructure (PKI) has become an instrumental tool in securing the next generation of industrial and consumer-connected devices.  

    Join Ellen Boehm, VP of IoT Strategy & Operations at Keyfactor, and Damon Kachur, Senior Director at PrimeKey, as they take your questions live and discuss: 
     
    -Digital transformation and what it means for device manufacturers 
    -Changes in the regulatory landscape and what security standards manufacturers should be aware of to continue deployment of their connected devices 
    -How embedding security in connected devices using cloud-based PKI can become a competitive advantage for your business
  • Real-World Machine Identity Management in Action Recorded: Jun 23 2021 31 mins
    Toby Gaff, Director of Solutions Engineering & Ryan Yackel, VP of Product Marketing
    From IoT and mobile devices to software-defined applications, cloud instances, containers, and even the code running within them, machines already outnumber humans. The criticality of machine identity management propelled Gartner to recognize it as a new category in their 2020 Hype Cycle for Identity and Access Management Technologies report:

    “This is a new profile that reflects an increased need to manage cryptographic keys, X.509 certificates that are used to establish trust in the identities of machines, such as IoT devices, virtual machines, containers, and RPA bots”, said Ant Allen, Gartner Analyst.

    With the emergence of machine identity management as an industry-recognized term, it is more crucial than ever for organizations to manage and protect these identities.

    To see real-world Machine Identity Management in action, join Ryan Yackel, VP of Product Marketing, and Toby Gaff, Director of Solutions Engineering, for a demo and discussion of how Keyfactor Command enables full visibility, control, automation and orchestration.

    In this 30-minute webinar, you’ll learn:

    -How to get a continuous inventory of your machine identities
    -How to automate identity lifecycle
    -How to extend machine identity management with other tools (e.g. HashiCorp Vault, Istio)
  • PKI for IoT: How to Secure Connected Devices from Design to End-of-Life Recorded: Jun 16 2021 46 mins
    Ellen Boehm, VP of IoT Strategy & Operations, Keyfactor; Ryan Sanders, Sr. Product Marketing Manager, Keyfactor
    Companies are now deploying billions of network-connected devices into mission-critical environments, such as medical devices, industrial, and manufacturing control systems.

    However, as more stringent customer requirements and regulations emerge, manufacturers must address security concerns, such as authentication, data encryption, and integrity of software and firmware on their devices.

    With the emergence of IoT, PKI has become an instrumental tool in securing the next generation of industrial and consumer-connected devices. In this session, Keyfactor’s VP of IoT Strategy and Operations, Ellen Boehm, and Senior Product Marketing Manager, Ryan Sanders, will discuss:

    Security challenges that IoT developers and device manufacturers face
    How PKI can address challenges with complex supply chains and product lifecycles
    Considerations for design, deployment and management of PKI for IoT devices
  • Achieve IAM Agility for Machine Identities Recorded: Jun 16 2021 43 mins
    Ted Shorter, CTO & Co-Founder, Keyfactor and Sean Ryan, Senior Analyst - Security & Risk, Forrester
    The IAM practices of long-standing organizations were built for rigid structure and slow, predictable changes. The seismic shift to dynamic workloads, rapid change, agile business, and the like puts tremendous strain on these systems. This is especially true for the massive scale and high velocity of machine identities, which are growing exponentially across organizations. We will reveal the underlying problems with managing machine identities and propose strategies and tactics to overcome operational challenges and security risks.
  • Navigating Vehicle and IoT Security: Your Questions Answered by Crypto Experts Recorded: Jun 9 2021 30 mins
    Ellen Boehm, VP of IoT Strategy and Chris Conlon, Engineering Manager
    Securing vehicles is hard – perhaps harder than just about any other device. Don’t take our word for it. A simple internet search reveals that all major automobile manufacturers have experienced a vehicle security exposure.

    Join Keyfactor and wolfSSL for a Live Q&A with VP of IoT Strategy, Ellen Boehm, and Engineering Manager, Chris Conlon, as they discuss embedding strong cryptography into vehicle and IoT devices:

    -Unique security challenges that engineers face when securing connected vehicles
    -Address the role that cryptography plays in securing vehicles
    -Practical advice on how these same principles can improve security for other connected IoT devices where high assurance and scalability are a must
  • Biden's Cybersecurity Executive Order: Your Questions Answered by Crypto Experts Recorded: May 26 2021 30 mins
    Ellen Boehm (VP of IoT Strategy & Operations), Ted Shorter (CTO & Co-Founder), Tomas Gustavsson (CTO & Founder of EJBCA)
    There has been an awakening for the importance of modernizing cyber security infrastructure --- and it’s about time.

    On May 12th, President Biden signed an Executive Order (EO) to “improve the nation’s cyber security and protect federal government networks.” This EO comes shortly after the recent Colonial Pipeline ransomware attack and previously cyber security incidents that affected both SolarWinds and Microsoft Exchange.

    The EO touts modernizing critical infrastructure with Zero Trust Architecture and improving supply chain security. But what does this mean for both the public and private sector? Where does the role of securing machine identities play in building stronger standards?

    Join Keyfactor's Ellen Boehm (VP of IoT Strategy & Operations), Ted Shorter (CTO & Co-Founder), and PrimeKey's Tomas Gustavsson (CTO & Founder of EJBCA) as they break down the most important sections of the EO and answer your questions on where cryptography plays a role in securing our nation for the future.
  • The State of Machine Identity Management 2021: Expert Insights and Key Takeaways Recorded: May 19 2021 60 mins
    Chris Hickman, Chief Security Officer and Ryan Sanders, Senior Product Marketing Manager
    Machine identities are everywhere. From cloud services, containers, and applications, to the code running on them, every machine needs a trusted identity.

    But with the rapid increase in machine identities, many CIOs and CISOs are left with an uneasy feeling of not being in control. The stakes are high – keeping ahead of certificate outages, key theft or misuse, and audits is a constant challenge.

    The result? 88% of organizations still experience serious outages due to expired certificates. Another 89% of organizations experienced at least three failed audits due to insufficient key management.

    Join Chris Hickman, Chief Security Officer, and Ryan Sanders, Senior Product Marketing Manager, to hear key takeaways from the Ponemon Institute 2021 State of Machine Identity Management Report, including:

    -Why crypto-agility emerged as a top priority for organizations
    -Key risks and challenges in managing machine identities
    -The importance of machine identity management in Enterprise IAM strategy
  • Secure Code Signing in the Software Supply Chain Recorded: Apr 21 2021 28 mins
    Eric Mizell, VP of Field Engineering and Ryan Sanders, Sr. Product Marketing Manager
    If you’re developing software, deploying over the air (OTA) firmware updates, or spinning up containers, you know the importance of code signing as a security best practice.

    Code signing is more important and more complex than ever. Faster releases, entirely remote teams, and complex supply chains make manual, hardware-based solutions ineffective. So how do you protect signing keys and simplify the signing process?

    Join Eric Mizell, VP of Solution Engineering, and Ryan Sanders, Sr. Product Marketing Manager, for a live demo and discussion of how Keyfactor Code Assure enables fast and secure signing.

    In this 30-minute session, we’ll cover:

    -Known risks and complexities in code signing
    -Use cases: Traditional, DevOps and CI/CD, and IoT manufacturing
    -A live demo of the Keyfactor Code Assure platform
  • How to Build End-to-End IoT Device Security at Scale Recorded: Apr 21 2021 44 mins
    Ted Shorter (CTO), Ellen Boehm (VP, IoT Strategy), Kim Bybjerg (VP at Tata Communications), Paul Hampton (Sr. Product Mgr.)
    Connected things include a variety of IoT endpoint devices across several critical infrastructure segments, including utilities, automotive, healthcare, retail, and building automation. Complex manufacturing supply chains make it difficult to build electronic devices that can be trusted – forcing security to be bolted on as a feature rather than being a critical element designed at the start of a product’s lifecycle.

    By adopting a Zero Trust approach, IoT manufacturers can ensure device trustworthiness and security at scale through their product's end-to-end lifecycle.

    In this panel with device security experts, discussion topics will include:

    -How businesses can gain a competitive advantage by embedding security in the devices they manufacture
    -Regulations relating to IoT security that manufacturers should be aware of
    -Where secure crypto fits into the product design and lifecycle process
    -Common IoT device security challenges that require a zero trust manufacturing approach

    Device security experts in this panel include:

    -Ted Shorter, Co-Founder & CTO at Keyfactor
    -Ellen Boehm, VP of IoT Strategy and Operations at Keyfactor
    -Kim Bybjerg, VP/Head of Continental Europe at Tata Communications & Chairman of IMC (IoT M2M Coucil)
    -Paul Hampton, Senior Product Manager, Thales
  • Zero Trust Manufacturing: How to Embed IoT Device Security in Your Supply Chain Recorded: Mar 31 2021 45 mins
    Ellen Boehm, VP of IoT Strategy & Operations and Ryan Yackel, VP of Product Marketing
    With so many supply chain partners, the reality is that you cannot trust the security of the manufacturing process to ensure that the hardware, firmware or credentials of the device have not been altered. 

    Manufacturers must take a “zero trust manufacturing” approach and design security into the device while maintaining effective security controls throughout the manufacturing process and product lifecycle to ensure the security, trustworthiness and safety of a device.

    Join Ellen Boehm, VP of IoT Strategy & Operations and Ryan Yackel, VP of Product Marketing, as they walk through how IoT manufacturers can navigate complex supply chains to build trusted IoT devices.

     In this webinar, you will learn:

    -Common IoT device security challenges that require a zero trust manufacturing approach
    -Where supply chain security breakdowns occur
    -Best Practices to Achieve Zero Trust Manufacturing
  • Keyfactor + Avi Vantage (VMware): Stop Outages & Start Certificate Automation Recorded: Mar 15 2021 31 mins
    Brian Taricska | Solutions Engineer & Ryan Sanders | Sr. Product Marketing Manager
    If you’re a Network Engineer, downtime is enemy number one. Keeping up with change requests, troubleshooting issues, and implementing new hardware is hard work – but all of that gets derailed when an application outage strikes.

    In this webinar, we’ll look at how network engineers can eliminate certificate-related outages and reduce manual, repetitive tasks with certificate discovery and lifecycle automation for Avi Vantage (VMware).

    Join Brian Tariscka, Solutions Engineer and Ryan Sanders, Sr. Product Marketing Manager for a 30-minute overview and live demo of the Keyfactor + Avi Vantage (VMware) integration.

    See how you can leverage Keyfactor to:

    -Discover SSL and client certificates across your load balancers
    -Simplify certificate requests with fast, easy self-service
    -Automate certificate provisioning, installation and renewal
Leader in Cloud-First PKI as-a-Service & Crypto-Agility Solutions
Keyfactor is the leader in cloud-first PKI as-a-Service and crypto-agility solutions. Our Crypto-Agility Platform empowers security teams to find, control, and automate every machine identity with Keyfactor. We help our customers apply cryptography in the right way from modern, multi-cloud enterprises to complex IoT supply chains. With decades of cybersecurity experience, Keyfactor is trusted by more than 500 enterprises across the globe.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations
  • Live at: Aug 17 2021 5:00 pm
  • Presented by: Ted Shorter, CTO, Chris Hickman, CSO, Lee Christensen, Technical Architect, & Will Schroeder, Technical Architect
  • From:
Your email has been sent.
or close