Name: PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations
Start: 2023-01-25T17:00:00Z
End: 2023-01-25T17:00:45.000Z
Location: BrightTALK
Rating: 5

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security. 

A webinar focused on the evolving needs of financial services organizations around future-proofing their PKI - and why it’s still perfectly acceptable to be late to the PQC party. The session will walk through practical steps to align with the 2026 guidance, offering a clear, supportive perspective.
Presented in a fireside chat format, the webinar explores the growing global regulatory alignment around PQC - highlighting commonalities across emerging and established frameworks in the US, EU, UK, and Australia. We’ll remind the audience that there are currently no hard mandates, but that Q4 2025 is broadly considered the final window to begin preparing for “soft asks” and industry expectations, giving global FinServ organizations time to act strategically.
The discussion will include concrete actions taken by other companies and real-world examples of how leaders are approaching the journey. We’ll share advice for organizations that feel overwhelmed - with digestible, prescriptive steps based on cryptographic posture and internal readiness.
The webinar positions Keyfactor as the enabler to help companies ramp up smoothly, with actionable insights and a strong understanding of what works in practice - without naming any specific organization as a Keyfactor customer.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Post-Quantum Cryptography: What Late Adopters Must Know

Cryptography is at the core of everything secure in our digital world – yet most organizations still don’t fully understand or manage it well. Add growing regulatory pressures and the inevitable transition to post-quantum cryptography (PQC), and the need for visibility and control over cryptographic assets is more urgent than ever.

Join our experts for an exciting and insightful webinar where we delve into the future of digital trust and explore critical steps to uncover and fix today’s cryptographic vulnerabilities and ensure a seamless transition to quantum-safe security ahead.

We’ll also discuss how Keyfactor’s acquisition of InfoSec Global and CipherInsights brings together the best in cryptographic discovery, automated certificate lifecycle management, and quantum-ready PKI and signing solutions to deliver crypto-agility at scale.

In this webinar, you’ll learn:
- Key steps organizations must take to address cryptographic risks and vulnerabilities that threaten data security and compliance
- Considerations to ensure a seamless transition to quantum-safe security
- How Keyfactor’s expanded solution stack enables IT and security teams to identify, prioritize, and remediate risks across their cryptographic estate

Keyfactor is an approved (ISC)2 CPE Submitter Partner. Earn 1 CPE credit from viewing this webinar.

From Visibility to Digital Trust Strategy: Preparing for PQC

You can’t secure what you can’t see. Cryptography is embedded everywhere, from applications and containers to cloud workloads and third-party software, but most organizations lack visibility into how it’s used, where it’s vulnerable, and what’s at risk.

Join Ryan Sanders, Sr. Director of Product & Customer Marketing, and Ian Curry, Director of Strategic Initiatives, for a 30-minute live demo session that brings cryptographic discovery and inventory to life. You’ll see how Keyfactor uncovers hidden cryptographic assets across your environment and helps you take action on risks like hardcoded keys, deprecated algorithms, and quantum-vulnerable protocols.

In this session, you’ll:
- Watch a live demo of Keyfactor’s cryptographic discovery and inventory capabilities
- Learn how to identify and remediate cryptographic risks across diverse environments
- See how these capabilities support crypto-agility, compliance, and quantum-readiness

Whether you're exploring cryptographic risk for the first time or looking to expand your crypto-agility program, this session will show you how to take control of what’s been hiding beneath the surface.

Seeing What Matters : Discover and Manage Cryptographic Risk

Software and technology companies face constant pressure to innovate faster, without compromising reliability or security. Public Key Infrastructure (PKI) and digital certificates have become the unseen backbone of modern tech delivery, enabling secure, authenticated, and encrypted connections across services, devices and platforms.
Join ServiceNow and Keyfactor for a discussion on how PKI is proving to be a critical and transformative infrastructure for leading technology companies, and how ServiceNow evolved its own security – and supported growth in the process – using EJBCA. You’ll hear how ServiceNow’s security team materialized Zero Trust for its internal services and is already expanding on its stronger PKI foundation.
Discover how the ServiceNow team leveraged Keyfactor’s API-driven certificate automation to:
- Secure internal services and communications at massive scale
- Improve observability and visibility across all issued certificates
- Reduce manual workloads and improve engineering efficiency
- Prepare for the future with cryptographic agility and post-quantum readiness
Whether you’re building SaaS products, scaling DevOps pipelines, or modernizing internal security infrastructure, this session will offer practical insights on operationalizing PKI to achieve reliability, agility, and trust.

Security at Scale: ServiceNow's Approach with Keyfactor

Preparing for the quantum computing era can feel daunting—but it doesn’t have to be. In this exclusive Tech Spotlight, experts from Thales Trusted Cyber Technologies (TCT) and Keyfactor will introduce a practical “starter kit” to help Federal agencies take the first step toward post-quantum cryptography with confidence.

Designed for agencies navigating CNSA 2.0 mandates and NSA modernization guidelines, this session will spotlight how the integrated solution of Keyfactor’s EJBCA Enterprise and Thales TCT’s Luna T-Series HSM provides:
- A validated foundation for crypto-agile PKI and certificate lifecycle management
- FIPS 140-3* Level 3 certified hardware-rooted trust, fully U.S.-developed and supported
- Seamless deployment models for both new and existing Federal infrastructure
- Post-quantum readiness across all components—with implementation tools you can use today

We’ll break down the architecture, showcase the “starter kit” components, and answer your questions on how to implement post-quantum PKI at scale without disrupting operations.
If your agency is preparing to meet new cryptographic requirements—or just starting the journey—this session is your launchpad.

(*Thales TCT is currently FIPS 140-3 pending, not validated)

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

Get Started with Post-Quantum PKI: A Tech Spotlight from Thales TCT & Keyfactor

Organizations rely on ServiceNow to consolidate and automate critical IT workflows, bringing efficiency and visibility across complex environments. Yet even with these advancements, digital certificates and machine identity management can still be found with manual processes, siloed tools, and limited visibility, which lead to outages, compliance risks, and security vulnerabilities.

As the number of digital identities grows across hybrid and multi-cloud infrastructures, IT and security teams struggle to maintain control. Without automation, certificates expire unnoticed, causing costly downtime and eroding trust.

In this webinar, you’ll learn how leading enterprises are closing this gap through automation, centralized visibility, and seamless workflows. We’ll show how Keyfactor’s certificate lifecycle automation, integrated with ServiceNow’s IT orchestration platform, empowers teams to eliminate outages, ensure compliance, and regain confidence in their digital trust ecosystem.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

From Chaos to Control: Regaining Visibility and Trust in Your Digital Identity Ecosystem

The clock is ticking on certificate management as we know it. By 2029, certificate lifespans will shrink to just 47 days, driving a 700% increase in renewal workload. Manual processes won’t be able to keep up with this new reality.

The message is clear: automation is essential.

Join us for an interactive demo experience to see how Keyfactor Command helps you accelerate automation, simplify management, and prepare your organization for what’s next in digital trust.

In this session, we’ll showcase how Keyfactor Command empowers you to:

- Prepare for shorter certificate lifecycles with automated certificate discovery, management, and renewals that scale effortlessly as certificate volumes grow
- Prevent outages and reduce manual workload through centralized visibility and policy-driven automation across every CA, environment, and application
- Future-proof your operations with flexible orchestration and integrations that make it easy to adapt as certificate standards and requirements evolve

Whether you’re just starting your journey or expanding automation across your environment, you’ll walk away with a clear vision and practical strategies to strengthen your certificate management program and embrace the future of digital trust with confidence.

The future of PKI is automated. Let’s make sure you’re ready.

Accelerating Automation: Prepare for the Future of PKI

The Keyfactor Winter Product Briefing is your opportunity to see the latest innovations across the Keyfactor product portfolio. This session, we'll dive into how we’re transforming PKI and certificate lifecycle management to be more intuitive, empowering you with deeper discovery, richer intelligence, and post-quantum readiness to stay ahead of tomorrow’s challenges.

Keyfactor Winter Product Briefing

Cryptographic Discovery in Action

The clock is ticking. Every product sold into Europe after December 11, 2027, must be CRA-compliant. The CRA has dozens of requirements that span a product’s entire lifecycle, from first boot to decommissioning. This means OEMs must design their products to support not only the security of today, but also the security of the future, including planning for post-quantum cryptography (PQC). 

This requires a device to be able to:  

Utilize Secure Boot to allow only trusted firmware to run on the devices  

Receive and execute software updates, and ensure that the updates are authentic, unaltered, and only from a trusted source.   

Securely signing code is the current gold standard for OEMs, but manual processes, siloed signing tools, and keys left unprotected are just a few of the risks that organizations face when preparing to comply with CRA.  

In this webinar, you will learn: 

Why code signing is so important and its multiple roles in product security  

Code signing’s significance in the Cyber Resilience Act  

How Keyfactor and NXP have come together to overcome the pitfalls of outdated code signing processes

Establishing Firmware Signing Framework for CRA Compliance

Complexity is the enemy of security, and the transition for OT to the digital world can look very daunting and complex. New unseen threats trying to shut down your operations, new standards to meet, new technology to tie together, and that’s just today, not to mention how everything keeps evolving.

Join experts from NetFoundry, Keyfactor, and FreeWave as they discuss the evolving landscape of OT cybersecurity. In this webinar, you will learn:

The hurdles and threats facing the transition to smart OT networks
How the right solution protects edge devices without added complexity
The principles of security by design

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Zero Trust OT Revolution: Conquer IT/OT Risks with Industry-Leading Expertise

It’s official. And it’s causing a lot of PKI admins to lose sleep. The CA/Browser Forum is shortening SSL/TLS certificate lifespans to 47 days by 2029. We surveyed InfoSec professionals to learn how they’re responding with automation – and the results surprised even us. Join Keyfactor experts to review the research results from over 450 respondents in 8 countries to learn:
• How frequently organizations are impacted by certificate outages
• Selling business stakeholders on automation investments
• Real-life stories on successful implementation strategies

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Moving Faster on Shorter Certificate Lifecycles with Automation

Public Key Infrastructure (PKI) is foundational to enterprise security, yet its resilience depends on the quality of entropy behind cryptographic keys. Traditional entropy gathering is struggling with advances in technology which make traditional "opportunistic"  sources we gather entropy from less and less useful. This problem, coupled with expanding digital ecosystems, shorter certificate lifespans, and looming post-quantum requirements is making traditional entropy techniques increasingly inadequate.

In this webinar, Quside and Keyfactor will demonstrate how quantum entropy, delivered through QRNG technology, strengthens PKI security and performance. Learn how our joint integration of EJBCA, along with Quside’s PCIe One quantum entropy solution, enables organizations to issue and manage certificates with measurable, verifiable randomness.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Eliminating PKI Entropy Starvation with Certified Quantum Entropy

What am I missing? It’s the question on every CISOs mind. But while security teams focus on the latest zero-days and cloud misconfigurations, the biggest risks are buried in the oldest and most foundational layer of the security stack: Cryptography.

Developers embed it, IT deploys it, vendors bundle it into products, yet no one has clear visibility or control over its use. The result? Cryptographic risks and vulnerabilities—unencrypted protocols, hardcoded keys, obsolete algorithms, and quantum-vulnerable assets—are quickly becoming a foundational threat to operational integrity and security. 

Join Chris Hickman, Chief Security Officer, and Ryan Sanders, Sr. Director of Product & Customer Marketing, as they unpack insights and real-world examples of why cryptographic risk should be on every CISOs radar and how you can start to address it.

In this webinar, we’ll cover:
- The top cryptographic blind spots, risks, and vulnerabilities
- The importance of cryptographic discovery and inventory
- Where to start on your path from risk to resilience

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

The CISO Guide to Cryptographic Risks & Vulnerabilities

A webinar about what financial services companies needs are surrounding future-proof PKI and that it’s ok to be late to the PQC party, we’re here to discuss the steps you can take to meet the 2026 guidance. Covers the “circling of the regulatory wagons” around PQC globally in a fireside chat-style format that looks at what’s common between emerging and emerged regulations across US, EU, Australia and UK. Note to the audience that there are no hard asks or requirements right now, but that the last quarter of 2025 is seen as the last PQC jumping off point for when preparation to address soft asks should begin, to give global FinServ companies proper time to prepare themselves. 

We will also discuss what concrete steps other companies are taking, what Fred has done at ING, and his advice for companies that are overwhelmed by the thought of beginning this journey. It’s all about digestible, prescriptive steps based on their cryptographic topography and organizational readiness. 

The webinar positions Keyfactor as the solution to bring them up to speed easily and though it involves ING and uses the ING name, does not explicitly name ING as a customer of Keyfactor.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

PQC Latecomers: Last Stop for 2026

The quantum era is approaching faster than expected, and its impact on cybersecurity will be profound. With experts forecasting cryptographically relevant quantum computers as early as 2028, and regulators like NIST mandating the deprecation of current public key algorithms by 2035, the foundations of digital trust are under unprecedented pressure. The challenge goes beyond technology, it’s about resilience, governance, and maintaining confidence in an environment where waiting is no longer an option.
This webinar will tackle this critical question head-on, exploring insights from the Digital Trust Digest: Quantum Readiness Edition and sharing strategies to prepare effectively. Together, Vladimir Sugarev, Chief Cryptographic Officer at Keyfactor, and Dr. Michele Mosca, cofounder and CEO of EvolutionQ, will discuss:
- The biggest misconceptions around quantum readiness and why urgency is critical
- What “cryptographic visibility” really means, and why most organizations overestimate it
- The eight essential workstreams for building a quantum-safe roadmap across governance, procurement, and technology
- How cryptographic resilience prepares organizations not just for quantum, but for any future cryptographic disruption
Quantum computing will transform the digital landscape, whether organizations are ready or not. The actions we take today will define the future of trust, security, and resilience in the post-quantum era.

Are we truly ready for the quantum future ?

In this webinar, we will explore how Keyfactor and Securosys are working together to remove the complexities associated with PKCS#11, streamlining cryptographic operations for improved scalability and resilience, and enabling built-in support for Post-Quantum Cryptography.

Key takeaways:
- Anticipate the challenges of the imminent Quantum era and plan ahead with confidence
- Understand the Securosys Primus HSM range and capabilities
- Learn about the HSM integration options for EJBCA & SignServer

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

Future-Ready Today: PQC Integration with Securosys REST API and EJBCA

The discussion centers on crypto modernization - a broader concept than just post-quantum cryptography that involves upgrading cryptographic systems to defend against multiple emerging threats including quantum computing, AI attacks, and brute force attacks. The speakers emphasize that while post-quantum cryptography gets most attention, it's actually just one piece of a larger modernization effort needed across enterprise networks.

The conversation explores how organizations can achieve crypto agility - the ability to seamlessly swap out cryptographic algorithms, key sizes, libraries, and policies in real-time to meet diverse communication needs and compliance requirements. They advocate for a network-based approach that provides centralized control over cryptographic deployments rather than requiring extensive application-level changes.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

Crypto Modernization at the Network Level

Microsoft Active Directory (AD) PKI is widely used by enterprises today, yet it has largely flown under the radar of attackers and defenders – until now. Recent research by SpecterOps reveals common user misconfigurations in AD CS that, if left unchecked, create serious security blindspots that attackers can abuse for credential theft, domain escalation, and persistence. 

Join leading Red Team & PKI Experts from SpecterOps and Keyfactor as they discuss the findings of the report, “Certified Pre-Owned: Abusing Active Directory Certificate Services.”  

In this discussion, they’ll cover: 

-What AD CS is and how it works 
-Common AD CS misconfigurations 
-PKI architecture and implementation flaws 
-Defensive advice and best practices to mitigate attacks

PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations

Active Directory

Architecture

Authentication

Certificate Management

Cyber Security

Encryption

Infrastructure

Infrastructure Management

Cyber Defence

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

PKI Meets Red Team: Revealing Common Microsoft AD CS Misconfigurations

Presented by

About this talk

Keyfactor