Name: Integrating Secure Code Signing in the CI/CD Pipeline
Start: 2022-11-15T17:00:00Z
End: 2022-11-15T17:00:30.000Z
Location: BrightTALK
Rating: 4.9

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security. 

En una era hiperconectada la confianza digital es la columna vertebral de nuestro mundo. Desde el trabajo remoto hasta los dispositivos inteligentes, cada interacción se basa en un sistema de confianza complejo. En el centro de este sistema se encuentra una poderosa herramienta conocida como PKI, que garantiza la seguridad e integridad de nuestro entorno digital. Sin embargo, a medida que crece nuestra dependencia en la confianza digital, también aumentan las amenazas en su contra. Acompaña a Julio Prada de Keyfactor en un recorrido hacia el lado oscuro de la confianza digital. Descubre cómo la confianza puede ser comprometida, mal utilizada o incluso convertida en arma por actores malintencionados. A través del análisis de incidentes de seguridad y fallos en el mundo real, obtendrás valiosas perspectivas para defender a tu empresa de amenazas emergentes contra la confianza digital. 

Al asistir a este seminario web, podrás: 

Comprender el papel crítico de la PKI en el mantenimiento de la confianza digital y las posibles consecuencias cuando se ve comprometida. 

Identificar las principales amenazas a la confianza digital, como fallos inesperados, autoridades de certificación fraudulentas, sabotaje de firmas de código y los desafíos de la computación cuántica. 

Obtener conocimientos prácticos sobre la implementación de cripto-agilidad y otras estrategias defensivas para proteger la infraestructura de confianza digital de tu organización. 

No pierdas la oportunidad de convertirte en un Jedi de la PKI y proteger tu negocio en el cambiante panorama digital. Regístrate ahora para armarte con el conocimiento necesario para combatir el lado oscuro de la confianza digital. 

Ponente: Julio Prada, Sales Director Keyfactor

El Lado Oscuro de la Confianza Digital

À l'ère actuelle, où tout est interconnecté, la confiance numérique est le pilier dans notre monde cyber. Du travail à distance aux objets intelligents, chaque interaction repose sur un système de confiance complexe. Au cœur de ce système se trouve une "force puissante", la PKI, assurant la sécurité et l'intégrité de notre paysage numérique. Cependant, à mesure que notre dépendance à la confiance numérique s'accroît, les menaces contre elle augmentent aussi. Rejoignez Pierre Codis de Keyfactor pour un voyage vers le côté obscur de la confiance numérique. Découvrez comment cette confiance peut être compromise, détournée ou même utilisée comme une arme par des acteurs malveillants. En illustrants des incidents et pannes de sécurité réels, vous obtiendrez des perspectives précieuses pour protéger votre entreprise face aux menaces en évolution visant la confiance numérique.  

En participant à ce webinaire, vous pourrez :  

Comprendre le rôle essentiel de la PKI dans le maintien de la confiance numérique et les conséquences potentielles lorsqu'elle est compromise.  

Identifier les principales menaces pour la confiance numérique, y compris les pannes inattendues, les autorités de certification malveillantes, le sabotage de signature de code et les défis posés par l'informatique quantique.  

Acquérir des connaissances pratiques sur la mise en œuvre de la crypto-agilité et d'autres stratégies de défense pour protéger l'infrastructure de confiance numérique de votre organisation.  

Ne manquez pas cette opportunité de devenir un Jedi de la PKI et de protéger votre entreprise dans un paysage numérique en constante évolution. Inscrivez-vous dès maintenant pour vous armer des connaissances nécessaires pour combattre le côté obscur de la confiance numérique.  

Conférencier : Pierre Codis, AVP Sales Nordic & Southern Europe

Le Côté Obscur de la Confiance Numérique

In today's "always on" era, digital trust is the backbone of our connected world. From remote work to smart devices, every interaction relies on a complex system of trust. At the heart of this system lies a powerful force known as PKI, ensuring the security and integrity of our digital landscape. However, as our reliance on digital trust grows, so do the threats against it. Join Keyfactor’s Ryan Sanders as he takes you on a journey to the dark side of digital trust. Discover how trust can be compromised, misused, or even weaponized by malicious actors. Through an exploration of real-world security incidents and outages, you'll gain valuable insights into defending your business against evolving threats to digital trust. 

By attending this webinar, you will: 

- Understand the critical role of PKI in maintaining digital trust and the potential consequences when it's compromised. 

- Identify key threats to digital trust, including unexpected outages, rogue certificate authorities, code signing sabotage, and quantum computing challenges. 

- Gain practical knowledge on implementing crypto-agility and other defensive strategies to protect your organization's digital trust infrastructure. 

Don't miss this opportunity to become a PKI Jedi and safeguard your business in the ever-evolving digital landscape. Register now to arm yourself with the knowledge needed to combat the dark side of digital trust. 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

The Dark Side of Digital Trust

In today's "always on" era, digital trust is the backbone of our connected world. From remote work to smart devices, every interaction relies on a complex system of trust. At the heart of this system lies a powerful force known as PKI, ensuring the security and integrity of our digital landscape. However, as our reliance on digital trust grows, so do the threats against it. Join Keyfactor’s Ryan Sanders as he takes you on a journey to the dark side of digital trust. Discover how trust can be compromised, misused, or even weaponized by malicious actors. Through an exploration of real-world security incidents and outages, you'll gain valuable insights into defending your business against evolving threats to digital trust.

By attending this webinar, you will:

- Understand the critical role of PKI in maintaining digital trust and the potential consequences when it's compromised.

- Identify key threats to digital trust, including unexpected outages, rogue certificate authorities, code signing sabotage, and quantum computing challenges.

- Gain practical knowledge on implementing crypto-agility and other defensive strategies to protect your organization's digital trust infrastructure.

Don't miss this opportunity to become a PKI Jedi and safeguard your business in the ever-evolving digital landscape. Register now to arm yourself with the knowledge needed to combat the dark side of digital trust.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

2023 and 2024 have seen a vast number of cybersecurity standards and regulations published. This can lead to confusion about how to manage adherence to all requirements without unnecessary work or worry. In this webinar, Guillaume Crinon, IoT Business Strategy Director, Keyfactor, and Jiannis Papadakis, Director of Solutions Engineering in EMEA, Keyfactor, will discuss some of the overlap and differences between IEC 62443 and the Cyber Resilience Act, as well as practical considerations and tips for manufacturers and suppliers, both in and outside the EU. 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

IEC 62443 and the Cyber Resilience Act: A Practical Discussion

If your business sells into the EU, compliance with the Cyber Resilience Act (CRA) isn’t optional—it’s essential. Are you prepared?

Join Mitch Mershon, Senior Product Marketing Manager at Keyfactor, and Guillaume Crinon, IoT Business Strategy Director, for an insightful session on how the CRA impacts your organization and what you need to do to stay compliant.

In this webinar, we’ll cover:
•             How the CRA affects your entire supply chain
•             Key requirements outlined in the act
•             The critical role of PKI and code signing in compliance
•             How the CRA complements other relevant EU acts and directives
•             Live Q&A session with our experts

Don’t miss this opportunity to get expert insights and ensure your organization is prepared!

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn 1 CPE credit by viewing this webinar.

Preparing for the Cyber Resilience Act with PKI

Join Keyfactor in this upcoming webinar to gain essential insights into the White House’s latest cybersecurity memo and understand the critical steps needed to protect your environment. We'll guide you through practical strategies to begin securing your agency's digital infrastructure and explain how implementing Keyfactor can provide seamless and comprehensive protection. We’ll also explore steps to transition to a post-quantum future now, given that attackers are already storing encrypted data to decrypt later when technology advances (a strategy known as “capture then decrypt”). The time to prepare is now. Don't miss this opportunity to learn how to strengthen your cyber defenses and ensure your agency's digital future is secure. 

 
This session will explore:
- Transitioning to Zero-Trust architecture 
- Ways to enhance public-private collaboration  
- How to Bolster the cybersecurity workforce 
- Preparing for quantum computing challenges 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

Strengthening Cyber Defense: Key Federal Initiatives for a Secure Future

Enterprises with stringent security and regulatory requirements face the dual challenge of managing complex Public Key Infrastructure (PKI) operations while securing cloud infrastructure against diverse threats. Legacy PKI systems often impede scalability and efficiency, while the shared responsibility model of cloud computing raises significant data privacy concerns.

To address these challenges, Keyfactor and Anjuna have formed an alliance. This partnership integrates Keyfactor's EJBCA Enterprise, a robust PKI platform, with Anjuna Seaglass, the Universal Confidential Computing Platform. Together, they offer a unified solution that simplifies digital identity management and enhances data security.

Join our webinar to learn how this collaboration empowers organizations to navigate PKI complexities and secure cloud environments, ensuring compliance and operational efficiency. Discover practical insights and strategies to streamline your digital identity management and fortify your cloud infrastructure against emerging threats.

Streamline Digital Identity & Secure Your Cloud: Insights from Keyfactor & Anjuna

Is your organization prepared for the incoming NIS2 Directive? Join our live webinar to gain a clear understanding of the critical aspects of NIS 2 before it comes into force on October 17th, and how PKI and security teams should prepare.

In this interactive session, Keyfactor’s Ryan Sanders, Senior Director of Product Marketing, will be joined by Admir Abdurahmanovic, SVP of Strategy, to unveil the 5 things you need to know about NIS 2, including:
• Learn about the new risk management measures that set the minimum baseline for cyber hygiene and how to approach them strategically.
• Explore the importance of establishing trust and transparency across the entire software supply chain.
• Understand the need for security-by-design and device lifecycle management for connected products and OT. 

Why Attend:
• Stay ahead of the curve: Gain crucial knowledge before the October 2024 deadline.
• Minimize disruption: Ensure a smooth transition and avoid costly delays.
• Protect your business: Boost your cybersecurity posture and mitigate cyber risks.
• Q&A session: Get your questions answered by our live panel of experts.

Don't miss this opportunity to navigate the NIS 2 landscape with confidence. Register now!

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

NIS 2 Directive: Five Things You Should Know Before It Comes Into Force

It’s time to prepare for Q Day? Join the ‘Quantumania’ mini workshop, where Chris Hickman, Keyfactor CSO, offers an in-depth primer on PQC fundamentals for practical application. Explore the latest NIST standards, learn about the new post-quantum algorithms, and understand their impact on your cryptographic infrastructure. 
Additionally, discover how current solutions can support your transition to a post-quantum environment and what your next steps might look like on a PQC roadmap and how to get leadership buy in to move forward. This workshop is crucial for practitioners and implementers aiming to mitigate the risks of the post-quantum era.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

Note: This webinar is a recording from SecureWorld.

A Practical Approach to Post Quantum Cryptography

Join the 'Quantumania' mini workshop, where Ted Shorter will offer an in-depth primer on PQC fundamentals for practical application. 

Explore the latest NIST standards, learn about the new post-quantum algorithms, and understand their impact on your cryptographic infrastructure. Additionally, discover how current solutions can support your transition to a post-quantum environment and what your next steps might look like on a PQC roadmap.

This session is crucial for practitioners and implementers aiming to mitigate the risks of the post-quantum era.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Note: This webinar is a recording from Black Hat 2024.

The need for rapid and reliable production of customized products is paramount in today's dynamic manufacturing landscape. Achieving this requires smart production systems that communicate within highly agile environments, ensuring fast manufacturing processes and adherence to tight delivery schedules. However, integrating heterogeneous machinery and IT applications often complicates digital transformation efforts.

Standards such as OPC UA simplify this process by enabling quick and easy connections between various machines and existing IT environments. One of the significant benefits of OPC UA is its robust security standards, which ensure secure data transmission both locally and over the Internet.

But how do these advancements intersect with PKI services and certificate management systems? Join us for an in-depth webinar where we explore the current status of OPC UA standardization, the integration challenges, and the solutions from a PKI manufacturer’s perspective. Learn how PKI can enhance security and efficiency in OT networks.

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

The Role of PKI in OT Networks

Join us on July 2nd for an in-depth webinar focused on the implications of the Digital Operational Resilience Act (DORA) for certificate management and Public Key Infrastructure (PKI) strategies within the financial sector.  

With DORA in force and its full application starting January 17th, 2025, noncompliance can lead to significant fines. This interview with Admir Abdurahmanovic , SVP of Strategy at Keyfactor, will guide you through each DORA article related to PKI and certificate lifecycle management.  

What You Will Learn: 

 - Understanding DORA Requirements: Walkthrough of DORA requirements for PKI and certificate management. 
 - Cryptographic Key Management: Best practices for implementing robust cryptographic key management policies. 
 - Compliance Strategies: Practical steps to align your organization's PKI and certificate management strategies with DORA regulations. 

This webinar will provide essential insights into aligning your organization's strategies with DORA's regulations, ensuring operational resilience and cybersecurity best practices. Don’t miss this opportunity to understand the key components of DORA compliance and how to effectively prepare your organization with Keyfactor's proven expertise. 


Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

DORA Compliance Made Simple: PKI and Certificate Management Insights

Join Tony Chen, Solutions Engineer, for a look into the 2024 PKI & Digital Trust Report. This expansive global study of more than 1,200 IT professionals offers you an unfiltered look into the challenges in building a strong foundation of digital trust.

We will explore how to:
- Master the elements of PKI, certificate management, and code signing
- Enhance digital trust in your organization
- Begin testing and preparing for post-quantum cryptography

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .25 CPE credit by viewing this webinar.

Key Takeaways from the 2024 PKI & Digital Trust Report

With Q-Day on the horizon, it’s time to think tactfully about your entire crypto stack. Cryptographic libraries, PKI, code signing, and certificate management will all be impacted by the shift to PQC. 

Join Keyfactor’s David Hook, VP of Software Engineering, and Ryan Sanders, Senior Director Product Marketing, as they discuss:
- Considerations and strategies for PQC deployment
- The applicability of different algorithms
- What lies beyond Q Day

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

Preparing your crypto stack for PQC

The upcoming paradigm shift to PQC has revealed an unforeseen problem for organizations: who manages cryptography at the business level? Often, cryptography management doesn’t have a clear place in an organization, meaning it doesn’t get the right level of attention.

Join Chris Hickman, Chief Security Officer at Keyfactor, and Itan Barmes, Global Quantum Cyber Readiness Capability Lead at Deloitte, as they discuss:

- How PQC necessitates a holistic view of cryptography management
- What organizations can do to better manage their cryptographic strategy
- Why PQC is more than just technology, it requires governance  
 
Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

Quantum Cyber Readiness: A Fundamental Look at Cryptography Management

Cybercriminals have turned their sights on critical industries, targeting critical infrastructure and the broader manufacturing industry. Energy and manufacturing are increasingly susceptible to various forms of cyberattacks, due to aging infrastructure, complex operations, and a growing intersection between OT and IT.
 
As the threat landscape expands, organizations that rely on industrial automation and control systems (IACS) need guidance on how to protect themselves. The IEC 62443 series of standards was specifically designed for security leaders charged with protecting automated components in industrial environments.  

In this webinar, we will dive into the five things you need to know about IEC 62443, including:
- What is IEC 62443, and how it is positioned in the market today
- How 62443 correlates to other standards, like the ISO 2700 series and the Cyber Resilience Act (CRA)
- Where do public key infrastructure (PKI) and code signing fit in the context of 62443

IEC 62443 compliance can also be approached as a business-enabling framework in the context of IIOT and smart manufacturing. Join Jiannis Papadakis, Keyfactor Director of Solutions Engineering EMEA, to learn more! 

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

5 Things You Need To Know About IEC 62443

With the CRA now in effect in Europe, securing the life cycle of devices has become a critical focus. In this webinar, we will demonstrate how the Mender.io platform and Keyfactor products work together to create a secure and trustworthy over-the-air (OTA) update process. We will cover the use of digital signatures to ensure secure artifacts and provide a practical guide on configuring the Mender toolchain extension by integrating the Keyfactor Sign Server. 
Join us to learn about enhancing your device security with these powerful tools.
Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .5 CPE credit by viewing this webinar.

Securing OTA Updates for CRA Compliance with Mender and Keyfactor

Issuing Certificates in Microservices with Kubernetes and EJBCA

PKI On-Demand for DevOps with Ansible and EJBCA

Tech Talk

Code signing is a powerful method to protect the integrity of containers, artifacts, and software across the CI/CD pipeline. But signing is more than just certificates and signatures. It’s about integrating the sign and verify process into your pipeline while keeping sensitive keys secure and in the right hands.

If signing processes aren’t secure, it opens to door to malware, exploits, and supply chain attacks. Join Eric Mizell, VP of Solutions Engineering, and Ryan Sanders, Director of Product Marketing, as they discuss how to integrate fast and secure signing within your CI/CD pipeline.

In this webinar, you’ll learn:

Where code signing fits into the CI/CD pipeline

Best practices for signing key protection and policy control

How Keyfactor Signum makes signing fast and secure, including a live demo

Earn 1 CPE credit on this webinar. Keyfactor is an approved (ISC)2 CPE Submitter, partner.

Integrating Secure Code Signing in the CI/CD Pipeline

DevOps

SecOps

code signing

CICD

secure coding

Key Management

Encryption

Software Security

Container Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Integrating Secure Code Signing in the CI/CD Pipeline

Presented by

About this talk

More from this channel