Name: Software Signing in the Quantum Age
Start: 2023-03-09T18:40:00Z
End: 2023-03-09T18:40:22.000Z
Location: BrightTALK

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security. 

Software and technology companies face constant pressure to innovate faster, without compromising reliability or security. Public Key Infrastructure (PKI) and digital certificates have become the unseen backbone of modern tech delivery, enabling secure, authenticated, and encrypted connections across services, devices and platforms.
Join ServiceNow and Keyfactor for a discussion on how PKI is proving to be a critical and transformative infrastructure for leading technology companies, and how ServiceNow evolved its own security – and supported growth in the process – using EJBCA. You’ll hear how ServiceNow’s security team materialized Zero Trust for its internal services and is already expanding on its stronger PKI foundation.
Discover how the ServiceNow team leveraged Keyfactor’s API-driven certificate automation to:
- Secure internal services and communications at massive scale
- Improve observability and visibility across all issued certificates
- Reduce manual workloads and improve engineering efficiency
- Prepare for the future with cryptographic agility and post-quantum readiness
Whether you’re building SaaS products, scaling DevOps pipelines, or modernizing internal security infrastructure, this session will offer practical insights on operationalizing PKI to achieve reliability, agility, and trust.

Security at Scale: ServiceNow's Approach with Keyfactor

Preparing for the quantum computing era can feel daunting—but it doesn’t have to be. In this exclusive Tech Spotlight, experts from Thales Trusted Cyber Technologies (TCT) and Keyfactor will introduce a practical “starter kit” to help Federal agencies take the first step toward post-quantum cryptography with confidence.

Designed for agencies navigating CNSA 2.0 mandates and NSA modernization guidelines, this session will spotlight how the integrated solution of Keyfactor’s EJBCA Enterprise and Thales TCT’s Luna T-Series HSM provides:
- A validated foundation for crypto-agile PKI and certificate lifecycle management
- FIPS 140-3* Level 3 certified hardware-rooted trust, fully U.S.-developed and supported
- Seamless deployment models for both new and existing Federal infrastructure
- Post-quantum readiness across all components—with implementation tools you can use today

We’ll break down the architecture, showcase the “starter kit” components, and answer your questions on how to implement post-quantum PKI at scale without disrupting operations.
If your agency is preparing to meet new cryptographic requirements—or just starting the journey—this session is your launchpad.

(*Thales TCT is currently FIPS 140-3 pending, not validated)

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn .75 CPE credit by viewing this webinar.

Get Started with Post-Quantum PKI: A Tech Spotlight from Thales TCT & Keyfactor

Organizations rely on ServiceNow to consolidate and automate critical IT workflows, bringing efficiency and visibility across complex environments. Yet even with these advancements, digital certificates and machine identity management can still be found with manual processes, siloed tools, and limited visibility, which lead to outages, compliance risks, and security vulnerabilities.

As the number of digital identities grows across hybrid and multi-cloud infrastructures, IT and security teams struggle to maintain control. Without automation, certificates expire unnoticed, causing costly downtime and eroding trust.

In this webinar, you’ll learn how leading enterprises are closing this gap through automation, centralized visibility, and seamless workflows. We’ll show how Keyfactor’s certificate lifecycle automation, integrated with ServiceNow’s IT orchestration platform, empowers teams to eliminate outages, ensure compliance, and regain confidence in their digital trust ecosystem.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

From Chaos to Control: Regaining Visibility and Trust in Your Digital Identity Ecosystem

The clock is ticking on certificate management as we know it. By 2029, certificate lifespans will shrink to just 47 days, driving a 700% increase in renewal workload. Manual processes won’t be able to keep up with this new reality.

The message is clear: automation is essential.

Join us for an interactive demo experience to see how Keyfactor Command helps you accelerate automation, simplify management, and prepare your organization for what’s next in digital trust.

In this session, we’ll showcase how Keyfactor Command empowers you to:

- Prepare for shorter certificate lifecycles with automated certificate discovery, management, and renewals that scale effortlessly as certificate volumes grow
- Prevent outages and reduce manual workload through centralized visibility and policy-driven automation across every CA, environment, and application
- Future-proof your operations with flexible orchestration and integrations that make it easy to adapt as certificate standards and requirements evolve

Whether you’re just starting your journey or expanding automation across your environment, you’ll walk away with a clear vision and practical strategies to strengthen your certificate management program and embrace the future of digital trust with confidence.

The future of PKI is automated. Let’s make sure you’re ready.

Accelerating Automation: Prepare for the Future of PKI

The Keyfactor Winter Product Briefing is your opportunity to see the latest innovations across the Keyfactor product portfolio. This session, we'll dive into how we’re transforming PKI and certificate lifecycle management to be more intuitive, empowering you with deeper discovery, richer intelligence, and post-quantum readiness to stay ahead of tomorrow’s challenges.

Keyfactor Winter Product Briefing

You can’t secure what you can’t see. Cryptography is embedded everywhere, from applications and containers to cloud workloads and third-party software, but most organizations lack visibility into how it’s used, where it’s vulnerable, and what’s at risk.

Join Ryan Sanders, Sr. Director of Product & Customer Marketing, and Ian Curry, Director of Strategic Initiatives, for a 30-minute live demo session that brings cryptographic discovery and inventory to life. You’ll see how Keyfactor uncovers hidden cryptographic assets across your environment and helps you take action on risks like hardcoded keys, deprecated algorithms, and quantum-vulnerable protocols.

In this session, you’ll:
- Watch a live demo of Keyfactor’s cryptographic discovery and inventory capabilities
- Learn how to identify and remediate cryptographic risks across diverse environments
- See how these capabilities support crypto-agility, compliance, and quantum-readiness

Whether you're exploring cryptographic risk for the first time or looking to expand your crypto-agility program, this session will show you how to take control of what’s been hiding beneath the surface.

Cryptographic Discovery in Action

The clock is ticking. Every product sold into Europe after December 11, 2027, must be CRA-compliant. The CRA has dozens of requirements that span a product’s entire lifecycle, from first boot to decommissioning. This means OEMs must design their products to support not only the security of today, but also the security of the future, including planning for post-quantum cryptography (PQC). 

This requires a device to be able to:  

Utilize Secure Boot to allow only trusted firmware to run on the devices  

Receive and execute software updates, and ensure that the updates are authentic, unaltered, and only from a trusted source.   

Securely signing code is the current gold standard for OEMs, but manual processes, siloed signing tools, and keys left unprotected are just a few of the risks that organizations face when preparing to comply with CRA.  

In this webinar, you will learn: 

Why code signing is so important and its multiple roles in product security  

Code signing’s significance in the Cyber Resilience Act  

How Keyfactor and NXP have come together to overcome the pitfalls of outdated code signing processes

Establishing Firmware Signing Framework for CRA Compliance

Complexity is the enemy of security, and the transition for OT to the digital world can look very daunting and complex. New unseen threats trying to shut down your operations, new standards to meet, new technology to tie together, and that’s just today, not to mention how everything keeps evolving.

Join experts from NetFoundry, Keyfactor, and FreeWave as they discuss the evolving landscape of OT cybersecurity. In this webinar, you will learn:

The hurdles and threats facing the transition to smart OT networks
How the right solution protects edge devices without added complexity
The principles of security by design

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Zero Trust OT Revolution: Conquer IT/OT Risks with Industry-Leading Expertise

It’s official. And it’s causing a lot of PKI admins to lose sleep. The CA/Browser Forum is shortening SSL/TLS certificate lifespans to 47 days by 2029. We surveyed InfoSec professionals to learn how they’re responding with automation – and the results surprised even us. Join Keyfactor experts to review the research results from over 450 respondents in 8 countries to learn:
• How frequently organizations are impacted by certificate outages
• Selling business stakeholders on automation investments
• Real-life stories on successful implementation strategies

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Moving Faster on Shorter Certificate Lifecycles with Automation

Public Key Infrastructure (PKI) is foundational to enterprise security, yet its resilience depends on the quality of entropy behind cryptographic keys. Traditional entropy gathering is struggling with advances in technology which make traditional "opportunistic"  sources we gather entropy from less and less useful. This problem, coupled with expanding digital ecosystems, shorter certificate lifespans, and looming post-quantum requirements is making traditional entropy techniques increasingly inadequate.

In this webinar, Quside and Keyfactor will demonstrate how quantum entropy, delivered through QRNG technology, strengthens PKI security and performance. Learn how our joint integration of EJBCA, along with Quside’s PCIe One quantum entropy solution, enables organizations to issue and manage certificates with measurable, verifiable randomness.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Eliminating PKI Entropy Starvation with Certified Quantum Entropy

What am I missing? It’s the question on every CISOs mind. But while security teams focus on the latest zero-days and cloud misconfigurations, the biggest risks are buried in the oldest and most foundational layer of the security stack: Cryptography.

Developers embed it, IT deploys it, vendors bundle it into products, yet no one has clear visibility or control over its use. The result? Cryptographic risks and vulnerabilities—unencrypted protocols, hardcoded keys, obsolete algorithms, and quantum-vulnerable assets—are quickly becoming a foundational threat to operational integrity and security. 

Join Chris Hickman, Chief Security Officer, and Ryan Sanders, Sr. Director of Product & Customer Marketing, as they unpack insights and real-world examples of why cryptographic risk should be on every CISOs radar and how you can start to address it.

In this webinar, we’ll cover:
- The top cryptographic blind spots, risks, and vulnerabilities
- The importance of cryptographic discovery and inventory
- Where to start on your path from risk to resilience

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

The CISO Guide to Cryptographic Risks & Vulnerabilities

A webinar about what financial services companies needs are surrounding future-proof PKI and that it’s ok to be late to the PQC party, we’re here to discuss the steps you can take to meet the 2026 guidance. Covers the “circling of the regulatory wagons” around PQC globally in a fireside chat-style format that looks at what’s common between emerging and emerged regulations across US, EU, Australia and UK. Note to the audience that there are no hard asks or requirements right now, but that the last quarter of 2025 is seen as the last PQC jumping off point for when preparation to address soft asks should begin, to give global FinServ companies proper time to prepare themselves. 

We will also discuss what concrete steps other companies are taking, what Fred has done at ING, and his advice for companies that are overwhelmed by the thought of beginning this journey. It’s all about digestible, prescriptive steps based on their cryptographic topography and organizational readiness. 

The webinar positions Keyfactor as the solution to bring them up to speed easily and though it involves ING and uses the ING name, does not explicitly name ING as a customer of Keyfactor.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

PQC Latecomers: Last Stop for 2026

The quantum era is approaching faster than expected, and its impact on cybersecurity will be profound. With experts forecasting cryptographically relevant quantum computers as early as 2028, and regulators like NIST mandating the deprecation of current public key algorithms by 2035, the foundations of digital trust are under unprecedented pressure. The challenge goes beyond technology, it’s about resilience, governance, and maintaining confidence in an environment where waiting is no longer an option.
This webinar will tackle this critical question head-on, exploring insights from the Digital Trust Digest: Quantum Readiness Edition and sharing strategies to prepare effectively. Together, Vladimir Sugarev, Chief Cryptographic Officer at Keyfactor, and Dr. Michele Mosca, cofounder and CEO of EvolutionQ, will discuss:
- The biggest misconceptions around quantum readiness and why urgency is critical
- What “cryptographic visibility” really means, and why most organizations overestimate it
- The eight essential workstreams for building a quantum-safe roadmap across governance, procurement, and technology
- How cryptographic resilience prepares organizations not just for quantum, but for any future cryptographic disruption
Quantum computing will transform the digital landscape, whether organizations are ready or not. The actions we take today will define the future of trust, security, and resilience in the post-quantum era.

Are we truly ready for the quantum future ?

In this webinar, we will explore how Keyfactor and Securosys are working together to remove the complexities associated with PKCS#11, streamlining cryptographic operations for improved scalability and resilience, and enabling built-in support for Post-Quantum Cryptography.

Key takeaways:
- Anticipate the challenges of the imminent Quantum era and plan ahead with confidence
- Understand the Securosys Primus HSM range and capabilities
- Learn about the HSM integration options for EJBCA & SignServer

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

Future-Ready Today: PQC Integration with Securosys REST API and EJBCA

The discussion centers on crypto modernization - a broader concept than just post-quantum cryptography that involves upgrading cryptographic systems to defend against multiple emerging threats including quantum computing, AI attacks, and brute force attacks. The speakers emphasize that while post-quantum cryptography gets most attention, it's actually just one piece of a larger modernization effort needed across enterprise networks.

The conversation explores how organizations can achieve crypto agility - the ability to seamlessly swap out cryptographic algorithms, key sizes, libraries, and policies in real-time to meet diverse communication needs and compliance requirements. They advocate for a network-based approach that provides centralized control over cryptographic deployments rather than requiring extensive application-level changes.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

Crypto Modernization at the Network Level

As payment ecosystems grow more interconnected and complex, the pressure to modernize cryptographic infrastructure has never been greater. From PCI DSS and DORA compliance to the growing threat of quantum computing, payment providers, acquirers, and PSPs need a cohesive crypto strategy—one that’s agile, scalable, and ready for what’s next.
 
In this joint session, experts from Keyfactor and Futurex will demonstrate how a unified approach to PKI, key orchestration, and hardware-backed cryptography can secure today’s transactions and prepare for tomorrow’s challenges.
 
This webinar will feature a real-world architecture walkthrough combining:
 
EJBCA PKI and certificate lifecycle automation from Keyfactor
Crypto agility tools and algorithm policy management from InfoSec Global
Centralized and cloud-based HSMs from Futurex for high-assurance key protection
 
Whether your organization is planning for post-quantum mandates, enhancing fraud prevention, or modernizing compliance strategies, this session offers practical guidance for bringing it all together—securely and at scale.

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .75 CPE credit from viewing this webinar.

Bringing It Together: A Unified Crypto Strategy for Payment Ecosystems

In this webinar, we will discuss enhancing cryptographic infrastructure using quantum entropy, contextualizing quantum computing and its implications for AI systems, and transitioning to advanced protocols that leverage existing PKI and post-quantum cryptography.

Key takeaways:
- Quantum Isn’t the Future - It’s the Present: The shift to quantum-secure systems isn’t optional or distant. The transition must begin today, because quantum isn’t your successor’s problem… It’s yours.
- Get Quantum-Ready Without the Overhead: You don’t need to rebuild everything from scratch. Start by integrating quantum random number generators (QRNGs) into your current systems; it's the simplest step toward crypto-agility and post-quantum readiness.
- AI and Quantum Are on a Collision Course: Massive investments in AI infrastructure may be at risk. If quantum tech is just 3–5 years behind AI, we’re staring down a potential “DeepSeek” moment - where quantum breaks what AI builds. Are you ready?

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

Modernizing PKI with Quantum-Secure Foundations

In this webinar, Quantinuum provides an overview of their quantum randomness product, Quantum Origin, and how it integrates with Keyfactor. Quantum Origin is a software-based Quantum Random Number Generator (QRNG) that uses proven randomness to improve encryption keys and strengthen overall security.

Join us to learn how:
- Quantum Origin leverages a full quantum computer to generate proven randomness, producing stronger encryption keys and a more secure cryptographic foundation.
- Quantum Origin is validated through NIST’s Entropy Source Validation (ESV) program.
- Quantum Origin, as a software-based QRNG, is easy to deploy on Linux and Windows systems and integrates seamlessly with Hardware Security Modules (HSMs).

Keyfactor is an approved (ISC)2 CPE Submitter. Earn .5 CPE credit from viewing this webinar.

The Future of Proven Quantum Randomness

From securing the Internet to protecting devices and workloads in the enterprise to embedding identities in next-generation Internet of Things (IoT) devices, PKI is critical infrastructure – the foundation of digital trust in our modern world.  

In this panel discussion, we sit down with IT and security leaders from world-leading companies in technology, finance, and manufacturing to explore the incredible ways they use PKI to power and protect their businesses. We’ll discuss the role of PKI in modern organizations, how it’s evolved and adapted to changes in the IT landscape, and the different approaches to implementation and design. 

Speakers: 
Tomas Gustavsson, Chief PKI Officer at Keyfactor
Admir Abdurahmanovic, SVP Strategy at Keyfactor
Dr. Lutz Jänicke, Corporate Product & Solution Security Officer at Phoenix Contact
Ibrahim Akkulak, Senior Security Consultant at Rakuten Symphony Deutschland GmbH

Earn 0.75 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The Power of PKI

From the Internet to the Internet of Things (IoT), PKI has been and continues to be the bedrock of trust in our digital world. Just when we think PKI has reached its limit, another innovative use case emerges – from e-commerce to the cloud, e-passports to planes, trains, and automobiles – PKI is everywhere. 

Take a step back in time with Ted Shorter, CTO at Keyfactor, as he shares 20 years in the PKI industry with PrimeKey and Keyfactor, and shares what the lessons of the PKI past can teach us about the future as we approach yet another crossroads: Post Quantum Cryptography.

Earn 0.50 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

20 Years of Digital Trust: PKI from the Internet to IoT

In this session, you'll learn how Rakuten approaches PKI design, implementation, and automation for both their 5G infrastructure and Enterprise IT applications. We'll cover best practices for PKI architecture and deployment using EJBCA and containers, migration from RSA to ECDSA, and meeting changing regulatory requirements. We'll also touch on the reasons for leveraging protocol-based (CMPv2) versus non-standards based automation (Keyfactor Command).

Building a Modern PKI for Enterprise & 5G Applications

Many global corporations manufacturing IoT devices today outsource this critical business function. It's not surprising that security concerns are rising regarding data and secret key provisioning at the manufacturing stage. 

Therefore, OEM, EMS, and electronic device manufacturers deploying PKI and providing secret keys face serious security challenges. 

Laurent Masson, CTO of Trusted Objects, will review the vulnerabilities and risks that companies encounter as part of the standard IoT device manufacturing process.  

Through a zero-trust lens, Laurent will explain how to secure each step of this process with state-of-the-art solutions. He'll also discuss how to deliver PKI in manufacturing in a secure way, even in an untrusted environment. 

Laurent will also share his experience securely provisioning a generic MCU. This use case will demonstrate how an initial certificate can be securely delivered and injected by the OEM during manufacturing to comply with the Matter Connectivity standard. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Supply Chain Security

The landscape of European Union cybersecurity-related legislation is constantly changing. Various acts are already enforced or still under discussion – covering more and more areas, and complementing each other. These acts mention standards as the base for demonstrating compliance with specific requirements. In this presentation, Sławomir Górniak, Senior Cybersecurity Expert with the European Union Agency for Cybersecurity (ENISA), will provide insight into the current situation with the European legislation and standardization, as well as look ahead to areas of interest.

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Standardization in Support of the European Union Legislation

PKI and digital certificates are used by virtually every team in the business, from IT and Networking to Cloud and DevOps. But how do you keep track of how many certificates you have, where they live, and when they expire? When Stacia Taylor, Network Engineer at American Equity, was asked to take on the PKI project, this was exactly the problem she set out to solve. Follow Stacia first-hand in her search to identify every certificate and CA in their environment, the steps they took to remediate gaps, and the shift they’re making from manual to automated certificate management. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

How to Reign in PKI and Certificate Sprawl: A Network Engineers Perspective

As the CA/Browser Forum Chair and participant in several PKI industry forums like ACAB-c, ETSI ESI, and the PKI Consortium, Dimitris Zacharopoulos will provide an update on topics including:  

Publicly trusted Server TLS, code signing, and S/MIME certificates 

ETSI ESI standards for Trust Service Providers  

ACAB'c activities  

PKI Consortium activities 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Public Trust, CA/Browser Forum, and PKI Industry Update

IEC 62443 requires the use of secure identities for devices and the protection of integrity and authenticity of software and firmware. In this session, Dr. Lutz Jänicke, Corporate Product & Solution Security Officer of Phoenix Contact, will discuss these requirements and the security requirements for IEEE 802.1AR device identity certificates. He’ll cover how future use cases like zero-touch provisioning can be supported.  
 
Jänicke will dive into how digital signatures for software and firmware can be realized with an attached signature infrastructure in different formats needed from plain (raw) signatures up to Advanced digital Electronic Signatures (AdES). 

Attendees will learn about requirements from the IEC 62443 security standard, a solution for supporting infrastructure, and discussion about the implementation at the supplier of automation components Phoenix Contact. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Public Key and Signature Infrastructure for Industrial Security

No one knows exactly when a large-scale quantum computer will be invented. When it does happen, all public key cryptography in use today will be at risk, allowing recorded encrypted traffic to be recovered. As a result, post-quantum cryptography (PQC) is being developed and standardized. Next, many internet security protocols will be enhanced to use PQC algorithms. Once the protocols have been developed it will take many years to transition. 

Earn 0.50 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Planning for Post-Quantum Cryptography: Evolution of Internet Standards

OPC UA is a communication standard from the OPC Foundation for industrial automation and the IIoT. It is designed to allow different devices and systems from different manufacturers to communicate with each other in a secure and reliable way. 

In this session, Matthias Damm, CEO of Unified Automation, will introduce OPC UA and explain how to automate certificate management for OPC UA applications. Matthias will show how these mechanisms are implemented in Unified Automation products and how they are integrated with a Keyfactor PKI. 

Attendees will learn how secure device provisioning has been integrated into the latest revision of OPC UA. 

Finally, Florian Handke, Smart Production Engineer, Campus Schwarzwald, and Andreas Philipp, Senior Business Development Manager, IoT, Keyfactor, will present an upcoming free service that will ensure that certifications are no longer a show-stopper in the industry. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Industrial Automation and Certificates Management

In this session, Tomas Gustavsson, Chief PKI Officer, Keyfactor, will share his take on trending PKI topics from the last year, including the challenges associated with successful PKI deployment and implementation. He'll dive deeper into the technical details of these challenges and offer strategies to help teams overcome them. Think topics such as HSMs and cloud, IoT standards and Covid-19 certificates, and much more. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Hardcore PKI

The last twelve months has seen the conclusion of the first stage of NIST's PQC competition and the final round for NIST's Lightweight Cryptography competition. Organizations like BSI and ETSI have also produced reports in the area. In this session, David Hook, VP Crypto Workshop, Keyfactor, will look at some of the details of the algorithms chosen, the motivations for selection, and how these new algorithms are positioned to be useful for servers and the smaller devices making up the Internet of Things.

Earn 0.50 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Hardcore Crypto

The Bundesnotarkammer (Federal Chamber of Notaries) was mandated to build and host a secure platform to preserve all notarial deeds created in Germany. The system requires all documents to be end-to-end-encrypted with keys that are only available to 7,300 notaries. To make this possible, the archive relies on secure identities and devices to create, store, and share keys in the notaries’ offices. 

  This session will cover: 

Security aspects of the project that ensure the confidentiality and availability of the documents over a period of 100 years. 

How document encryption and the concept of key domains for the secure key sharing between smart cards works.  

An overview of decentralized key management and what it means to do all this without having a central master key. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Electronic Deeds Archive with Decentralized Key Management

The European digital identity wallet will be available to EU citizens, residents, and businesses that want to identify themselves or provide confirmation of certain personal information. It can be used for both online and offline public and private services across the EU. The wallets will be based on trusted digital identities provided by Member States, improving their effectiveness, extending their benefits to the private sector, and offering personal digital wallets that are safe, free, convenient to use, and protect personal data.  

For this initiative, the Commission builds on the existing cross-border legal framework for trusted digital identities, the European electronic identification and trust services initiative (eIDAS Regulation).  

The session will cover the latest concepts for implementation, the relevant standard initiatives (ISO, CEN, and ETSI), and the pros and cons of this ambitious project in the context of the Digital Service Act and the Digital Market Act. 



Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The eIDAS-Wallet in 2024: A "Blue Wonder" for eID and Trust Service Providers?

Development teams often use Continuous Integration (CI) tools (e.g., Jenkins, Bamboo, Team City, CircleCI, Concourse, etc.) and Continuous Deployment (CD) tools (e.g., Harness, etc.) in their SDLC cycles. Karthik Lalithraj, Keyfactor's Director of Solutions Engineering, East, will address some of the more complex questions facing enterprises today. Attendees will come away with answers to questions such as:   

How can teams integrate Continuous Security (CS) within the CI/CD process using digital signing?  

How can teams secure the private key while simultaneously providing code-signing access to various groups? How does this process work across globally disparate teams and individuals?  

How can you stop lousy development practices?  

Can we audit this?  

And finally, how do teams consume and validate these artifacts?  

This talk will cover how these challenges are quickly addressed in the enterprise. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Securing the DevOps CI/CD Pipeline

The Dutch Ministry of Justice has an expertise center for chip technology and PKI for ePassports. In addition to testing border control readers, the center offers for example ePassport training about chip technology and PKI for government and border control personnel.   

The PKI expertise center also offers an internal PKI as a Service (PKIaaS) that includes several production environments, barcode signing and log signing, and management of HSMs. In this session Cor de Jonge, Team Lead and Business Owner PKI, and Jeen de Swart, Senior Information Architect at Judicial Information Service, Ministry of Justice and Security will give you a glimpse of all these use cases. The expertise center uses Keyfactor (PrimeKey) software connected to own programmed applications.  

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The Dutch Ministry of Justice and Security PKI Use Cases

Telecom Italia Trust Technologies, Italian eIDAS QTSP for digital signature, has set up a PKI for the 4G and 5G networks of TIM, the primary mobile telecom operator in Italy.  

The project had the challenging requirement of delivering a solution able to issue certificates to devices from different vendors using the CMPv2 protocol as defined by the 3GPP framework. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Becoming a 5G PKI

Tech Days 2023 - On-Demand

Siemens Product PKI Certificate Management and Digital Signature services - these services are used as a one-stop internal service to provide Siemens business units a highly trustworthy solution to handle all of their digital certificates and signature needs.  

In this presentation Antonio will cover:  

High-level use case introduction: SW signing (via, for example, CMS signatures) and which protection goals it helps achieve, specifically in the Siemens ecosystem  

How SW signing is done today with traditional cryptography and SignServer + EJBCA within the Siemens ecosystem 

How SW signing can be securely done in the future employing PQC, e.g., "NIST 3rd" round digital signature algorithms or stateful HBS schemes (c.f. Commercial National Security Algorithm Suite 2.0)  

Presenting results of PoC with PQC signature algorithms such as Dilithium, including remaining open topics to have an end-to-end PQC SW signing in place. 

Earn 0.25 CPE  credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Software Signing in the Quantum Age

Software

Signing

NIST

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Software Signing in the Quantum Age

Presented by

About this talk

Keyfactor