Name: The Countdown to 47 Days: Are You Ready for the Biggest Change in TLS Certificate Lifecycle Management?
Start: 2025-06-24T15:00:00Z
End: 2025-06-24T15:00:44.000Z
Location: BrightTALK
Rating: 5

Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity - seamlessly securing human and machine identities accessing workloads from hybrid to multi-cloud, and flexibly automates the identity lifecycle all with continuous threat detection and prevention – protecting organization’s identities and most critical assets by enabling Zero Trust and enforcing least privilege.  

Organizations face growing threats as attackers target identity infrastructure, exploiting compromised credentials and session vulnerabilities often missed by traditional tools. With 78% of organizations suffering cyberattacks due to compromised credentials, the weakest link in your security may not be where you expect.
 
This webinar highlights how unified, platform-based identity security can close critical gaps that leave organizations exposed. Experts discuss the evolving threat landscape, walk through key attack vectors identified in the latest Technical Validation Report, and share the defensive results that show what truly stops modern threats. Key strategies to combat credential theft, session hijacking, and privilege misuse will be covered. Key topics include:
 
· Securing browser sessions to protect today’s primary attack surface
· Implementing phishing-resistant MFA to counter attacks like MFA bombing
· Enforcing least privilege at endpoints to strengthen security
· Integrating identity security with existing tools to reduce complexity
· Reviewing validated attack paths and defensive outcomes from the Technical Validation Report
 
Gain actionable insights from experts to defend against credential-based attacks.

Strengthening Identity Security with Platform-Based Defense Strategies

Traditional identity governance often takes 18-24 months to secure just 10-25 applications, leaving many systems unprotected. As regulations tighten and auditors demand proof of strong access controls, organizations struggle to answer who has access to what across their technology landscape.

This webinar introduces a governance-first approach using AI, machine learning, and robotic process automation to transform identity governance. Instead of months designing role-based models, learn how modern tools provide visibility and governance for 100-150 applications in 4-6 months. Key topics include:

· How AI analyzes data patterns to eliminate role modeling
· Integration using out-of-box connectors, no-code APIs, and web scraping
· Strategies to reduce reviewer burden by focusing on outliers
· Spillover benefits that cut access requests and speed value

Discover how organizations achieve faster, comprehensive governance while reducing design cycles.

Foundations of IGA: Building a Modern Approach to Identity Governance

"Quantum computing is transforming the cybersecurity landscape at a faster pace than many realize. While offering groundbreaking potential for innovation, it also poses significant threats to current cryptographic systems safeguarding critical data and digital identities. ""Future-Proofing IAM: Deloitte & CyberArk on Quantum-Safe Strategies"" brings together industry leaders from Deloitte and CyberArk to tackle this dual-edged revolution head-on, with a focus on identity and access management (IAM).

This webinar dives into the quantum computing timeline and its disruptive effects on existing cryptographic protocols like RSA and ECC. The expert panel will break down why the massive growth in machine identities, now at a staggering 45-to-1 ratio compared to human identities, presents an exponentially larger attack surface for quantum-related vulnerabilities.

Attendees will gain a clear understanding of essential topics such as cryptographic agility and the importance of systems that can seamlessly adapt to evolving threats without disrupting business operations. Other highlights include exploring newly finalized post-quantum cryptographic standards by NIST, integrating zero-trust frameworks with quantum-safe protocols, and leveraging AI-driven solutions to safeguard against identity-related risks.

Designed for both CISOs embarking on their quantum-readiness journeys and those further along the roadmap, this session offers actionable insights to prepare for the era of quantum-powered cyberattacks. Featuring contributions from Deloitte’s cybersecurity experts and CyberArk’s strategic engineers, this conversation ensures you leave with the knowledge, strategies, and confidence needed to secure your IAM systems for the future. Don’t wait for Q-Day to act—your next-level security begins now."

Future-Proofing IAM Deloitte & CyberArk on Quantum-Safe Strategies

Most attacks don’t happen at the login screen—they happen inside your SaaS apps. If you can’t see what users are doing in real time, you’re exposed to risk. Blind spots lead to data leaks, compliance slip-ups, and insider threats.

Join CyberArk’s webinar to learn how Secure Web Sessions (SWS) gives you agentless monitoring and instant protection—no productivity trade-offs.

Closing SaaS Security Gaps: Protect Sessions Beginning to End

Agentic AI is reshaping how businesses operate—bringing major opportunity and new security risks. As autonomous AI agents gain access to sensitive systems, organizations must view them for what they are: privileged machine identities.

In this virtual event, experts from CyberArk, AWS and Accenture will cover:

- New research on the agentic AI threat landscape
- Why AI agents must be treated as privileged machine identities
- Lessons from securing human and machine identities
- A preview of CyberArk’s Secure AI Agents solution

Regardless of where you are in your agentic AI journey, you’ll benefit from the thoughtful exploration on how to approach the security of this new type of identity.

Securing the New Frontier of Agentic AI: The Security Imperative for AI Agents

Identity security teams need to manage identities across an ever-expanding portfolio of SaaS applications, and the identity volume is expected to increase significantly with agentic AI. For midmarket enterprises who have not deployed identity governance and administration (IGA), the existing manual governance approach slows the business and drains resources. Join this webinar to learn how technology innovation delivering a modern approach to IGA allows enterprises to meet compliance requirements and ensure all users have the right app access and entitlements continuously.
Join Todd Thiemann, Principal Analyst at Omdia, and Bruce Spooner from CyberArk to learn about the benefits of modern IGA enabling organizations to quickly and cost-effectively govern your identity and application portfolio.

Accelerating Business with Modern IGA

"Traditional application control was built for a simpler threat landscape—but today’s enterprises face dynamic risks that demand a smarter approach. Join us to explore how organizations are modernizing endpoint protection with least privilege and identity-first security.

In this session, you’ll learn how to:

Strengthen your security posture by removing local admin rights and isolating risky apps
Boost efficiency with automation and self-service workflows
Simplify compliance with built-in privilege controls and audit trails
Unlock cost savings by reducing IT workload and minimizing breach impact
Don’t let legacy endpoint controls hold your organization back. See how least privilege delivers stronger protection, smarter operations, and measurable value."

Modern Application Control with Least Privilege: The Identity Security Solution Your Endpoints Need

The recent  Shai-Hulud npm worm shows how fast an initial compromise can spread when secrets are poorly managed. After gaining access, the malware used tools like TruffleHog to harvest hardcoded tokens and credentials, then escalated laterally through packages, pipelines, and cloud accounts. It’s a vivid reminder that without strong policies, decentralized secrets management fuels the blast radius of attacks. 

From hands-on work with customers, our security services team has identified four practices that put organizations most at risk: 

 -Shared access across teams – one secret or account reused across multiple workloads. 
-Poor Kubernetes namespace definitions – mixing dev, test, and prod without clear boundaries. 
-Pipelines under a single identity – Jenkins or Ansible jobs running with unrestricted privileges. 
-One cloud account or platform for everything – concentrating risk into a single identity plane. 

For each, our security services team will share real-world stories of how attackers exploit these practices, and the  field-tested solutions that leading organizations are adopting to fix them. You’ll learn why the true risk isn’t just the secret, but the identity behind it—and how centralizing secrets management reduces blast radius, improves visibility, and scales securely without disrupting developers. 

You will learn: 
-How poor secrets practices enable lateral movement and breach escalation. 
-Four real-world pitfalls we see in customer environments—and proven ways to fix them. 
-Four real-world pitfalls we see in customer environments—and proven ways to fix them.

Secrets Management Horror Stories from the Field: Four Security Pitfalls to Avoid

Orphaned accounts (inactive or unowned user identities that retain access to critical systems) represent one of the most overlooked security risks in modern enterprises. As organizations expand their digital ecosystems with growing SaaS adoption, these forgotten credentials become backdoors for attackers and compliance nightmares for auditors.

In this webinar, we'll explore how orphaned accounts originate through incomplete offboarding, mergers and acquisitions, contractor access gaps, and application sprawl. You'll learn about the real-world consequences, from security breaches and data exfiltration to compliance violations that can jeopardize SOX, GDPR, and HIPAA adherence.

Discover why manual deprovisioning processes can't keep pace with today's complex identity landscapes, and how modern Identity Governance and Administration (IGA) solutions automate the detection and remediation of orphaned accounts. We'll demonstrate how CyberArk Modern IGA provides unified visibility across your entire identity estate, continuously monitors for risky access, and automates cleanup workflows, transforming identity governance from a manual burden into a proactive security control.

Join us to learn best practices for preventing orphaned accounts, establishing automated joiner-mover-leaver processes, and maintaining continuous compliance without the grind.

Digital Ghosts: How to Find and Fix Orphaned Accounts Before Attackers Do

Traditional Identity Governance and Administration (IGA) has long relied on static roles and labels—“Software Engineer,” “Sales Rep,” “Manager.” But in today’s dynamic business environment, this one-dimensional approach quickly becomes outdated, creating role sprawl, endless approval cycles, and review fatigue. The result? Risk is hidden in the noise, while managers rubber-stamp access requests that don’t reflect real-world needs. 

In this webinar, CyberArk Solution Strategy Architect Brian Smits will explore how AI-powered identity profiles transform IGA from guesswork to precision. By analyzing the layered attributes that make each identity unique—such as department, location, projects, and access behaviors—AI Profiles deliver smarter, context-aware access recommendations. The outcome: 
● Up to 80% reduction in review burden 
● Automated onboarding and lifecycle management that adapts as people change roles 
● Clear, auditable evidence that satisfies compliance while focusing attention on true risks 

Join us to see how layered identity insights can help your organization move beyond role fatigue, streamline governance, and achieve access that truly fits the individual—not just their job title.

AI Profiles: Why your IGA needs to see in layers, not labels

CyberArk is unveiling the next generation of Machine Identity Security. Watch demonstrations of Secrets Hub and Certificate Manager as they tackle challenges like secrets sprawl and evolving TLS certificate requirements. See how new SSH Management and Code Signing capabilities protect privileged access and software integrity, keeping modern enterprise environments secure. Blending actionable insights with breakthrough product innovations, the session reveals practical strategies to uncover hidden machine identities, automate lifecycle management, and secure machine-to-machine communications.

Accelerating Machine Identity Security: Bringing Order to the Chaos of Modern Machines

As workforce users continue to be prime targets for credential theft, organizations can’t afford to treat password management as an isolated solution. Join CyberArk experts to learn how Workforce Password Management integrates across the CyberArk Identity Security Platform to deliver stronger, more seamless protection. See how integrations with third-party IdPs, Identity and Privileged Access Management, Secure Web Sessions, and Enterprise Browser extend defenses beyond login—protecting credentials, sessions, and users throughout their entire journey.

Strengthen Workforce Password Security with Platform-Powered Integrations

Join CyberArk's security researchers as they unveil critical vulnerabilities in the Model Context Protocol (MCP) and demonstrate how organizations can protect themselves in the AI era. This session explores the emerging security challenges as AI applications become increasingly integrated into enterprise environments through standardized protocols like MCP.

Discover how the Model Context Protocol, designed as the "USB Type-C port for AI applications," creates new attack vectors through tool poisoning, command injection, and composability chaining. Learn about real-world attack scenarios where malicious MCP servers can hijack execution flows, steal sensitive data, and compromise endpoint security. Our researchers will demonstrate live examples of these vulnerabilities and show how attackers can exploit the trust relationships between MCP hosts, clients, and servers.

Explore comprehensive mitigation strategies using endpoint privilege management solutions to create security boundaries in the MCP ecosystem. See how application control, least privilege enforcement, and file access restrictions can protect your organization's AI infrastructure. Understand the importance of implementing proper security controls as your teams adopt new AI tools and protocols, ensuring they can innovate safely without exposing your organization to unnecessary risks.

Secure endpoint for the AI-era threats: Overprivileged MCPs are now a new class of vulnerabilities

Proving compliance in today’s hybrid, cloud-first world is harder than ever. Organizations often do not have visibility into what users actually do once inside critical applications — leaving dangerous blind spots when it comes to audits and regulatory reviews. 

In this advanced session, CyberArk will show how Secure Web Sessions (SWS) delivers complete, audit-ready visibility and control across workforce web activity. You’ll see how organizations can strengthen compliance, close audit gaps, and protect sensitive data — all without slowing down developers, IT teams, cloud admins or business users. 

You’ll learn how to: 

• Monitor every action taken in cloud consoles (AWS, Azure, GCP) to meet SOX, ISO, and NIST requirements 
• Record SaaS activity in apps like Salesforce, ServiceNow, and Workday for SOC 2, HIPAA, and GDPR audits 
• Track high-value actions in finance and HR systems to satisfy internal controls 
• Build a centralized, defensible and AI assisted audit trail that simplifies compliance and investigations

From Login to Logout: Making Web Access Audit-Ready

Privileged access management remains vital to enterprise security, but the landscape is evolving. Identity-driven threats are rising, and privilege now extends beyond IT admins to nearly every employee. Organizations face pressure from cyber insurers, tool sprawl across 11+ identity solutions, and a surge in machine identities, which can outnumber humans 80 to 1.
 
Join Todd Thiemann, Principal Analyst at ESG, and Ryne Laster from CyberArk as they explore evolving privilege infrastructure toward zero standing privilege while enhancing PAM capabilities. Gain strategies to tackle today’s challenges and prepare for future threats, including AI complexities.
 
· How just-in-time access and zero standing privilege reduce attack surfaces and credential theft risks
· PAM’s role in cyber insurance underwriting and premiums
· Rationalizing identity tools while maintaining top functionality
 
Watch this webinar to learn how to transition to a zero standing privilege architecture.

The Future of Privileged Access: Solving Today’s and Tomorrow’s Challenges

In a hybrid, cloud-first world, every human identity connected to an endpoint becomes a potential attack vector. And when you're managing thousands of users and devices across a large enterprise, the stakes—and the complexity—skyrocket.  That’s why CyberArk and Computacenter are zeroing in on how large organizations can enforce strong, scalable MFA strategies at the endpoint—without slowing people down.

Secure Every Human Identity at the Endpoint Five MFA Endpoint Use Cases for Large Enterprises

The 47-day TLS certificate lifecycle mandate is closing in — and the margin for error is shrinking fast. Whether you're just starting to explore automation or already planning your rollout, this session will show you how to go from patchwork solutions to an end-to-end, scalable strategy.

We'll move beyond building a foundation for certificate automation and dive deep into operationalizing automation, monitoring compliance in real time, and scaling your strategy across platforms and teams.

To bring these concepts to life, we’ll be joined by Jay Armstrong, Expert Cybersecurity Engineer at Discover, a Division of Capital One, who will share how the bank automated certificates on its load balancers with CyberArk Certificate Manager. He’ll discuss the challenges they previously faced, the approach they took to streamline certificate operations, and the impact of automation on reliability and efficiency across their infrastructure.

We’ll also cover real-world maturity milestones and ROI metrics to help measure progress and secure buy-in.

You’ll leave this session understanding how to:

Automate certificate renewal at scale — including deployment
Reduce operational toil and human error across hybrid and cloud environments
Monitor automation success, SLA compliance, and audit readiness
Track key KPIs and use the maturity model to plan your next milestones
Estimate ROI based on time savings, reduced outages, and risk reduction
Take charge of your certificate management strategy.

47-Day Chaos to Control: How to Scale Certificate Automation Before Enforcement Hits

In the fast-moving world of DevOps, cloud, and machine identities, secrets are everywhere—and attackers know it. And with the explosive growth in machine identities how are security teams protecting the secrets that secure their infrastructure. In this session Martin Kuppinger, from the world renowned KuppingerCole research firm shares his perspective and recently published independent research on secrets management. 

With a fireside chat format, our host Chris Smith quizzes Martin Kuppinger and Kurt Sand, General Manager of CyberArk’s Machine Identity Security business on the challenges security teams face securing their secrets. Challenges, such as: 

How are organizations able to reduce their technical debt of unsecured and static secrets?  
Can automation and discovery tools address these challenges at scale?  
Should organizations push to consolidate secrets management across their complex, hybrid, and multi-cloud environments – or is this just not realistic. 

Join us, together with Martin Kuppinger, Founder and Principal Analyst at KuppingerCole Analysts, for an insider’s view and demos on the challenges and tools needed to manage and secure secrets and the applications they protect. 

In this session, you’ll learn: 

• Key takeaways from the 2025 KuppingerCole Leadership Compass 
• Why a unified approach addresses secrets sprawl and operational complexity 
• How to accelerate developer productivity while strengthening security 
• A live demo of  market-leading Secrets Management solution 

Whether you’re battling hardcoded credentials, securing machine identities, or looking to streamline secrets management at scale, you’ll walk away with actionable insights—to help you address the growing challenge of unmanaged secrets, secrets sprawl and more.

The Future of Enterprise Secrets Management – As The Challenges Grow, How Are Security Teams Keeping Up?

Prepare for 47-day TLS certificate lifecycles with scalable automation best practices

The clock is ticking. With the 47-day TLS certificate lifecycle mandate fast approaching in early 2029 – and the first phase of enforcement going into effect in March 2026 – organizations must act now to avoid outages and compliance risks.

It’s time to build your execution plan.

This is the first webinar in a two-part series designed to help teams understand the new certificate reality and take immediate, actionable steps toward automation. In Part 1, you’ll learn how to assess your current certificate landscape, identify ownership gaps, and enforce renewal policy to lay the foundation for a scalable automation strategy, using proven benchmarks and real KPIs.

You’ll walk away from Part 1 with an understanding of how to:

- Inventory and categorize all public TLS certificates across hybrid environments
- Prioritize high-risk certificates and detect shadow issuance
- Establish certificate ownership and enforce lifecycle policies
- Configure alerting and notification
- Use the Certificate Automation Maturity Model to benchmark readiness

47-Day Reality Check: How to Prepare for the Certificate Automation Shift

In a galaxy not so far away, securing communications and protecting sensitive data is as crucial as outrunning an Imperial Star Destroyer. Join us for a thrilling webinar where we discuss optimizing Public Key Infrastructure (PKI) to run like the legendary Millennium Falcon - Han Solo's trusted ship known for its speed, security, and reliability.

Just as the Millennium Falcon navigates through hyperspace with unmatched precision, PKI provides the backbone for secure, encrypted communications in today's digital world. In this session, we’ll explore fine-tuning your certificate lifecycle management (CLM) strategy to ensure data travels safely across networks, much like the Falcon escaping danger at lightspeed.

Through this Star Wars-inspired session, you’ll learn how to:

- Use PKI as Your Hyperdrive Booster: See why PKI isn’t just security - it’s a business enabler that accelerates your mission.
- Fine-Tune Your Ship’s Navigation System: Automate certificate lifecycle management like the Falcon’s precise hyperspace calculations.
- Avoid Asteroids and Imperial Blockades: Conquer common security challenges, compliance roadblocks, and expiration dangers.
- Make the Kessel Run in Record Time: Deliver certificates faster, securely, and at scale - just like captaining the Falcon through hyperspace.

Whether you're a seasoned or novice hyperspace navigator, this webinar will help you calibrate your PKI for speed and security. Successfully pilot your Millennium Falcon across today’s digital galaxy.

Prepare for Lightspeed: How to Build Your Certificate & PKI Strategy for the Kessel Run

In an era where identity is the cornerstone of security, understanding and effectively managing certificates and Public Key Infrastructure (PKI) is essential. 

Welcome to ""Mastering a Machine Identity Security (MIS) Strategy: Certificates and PKI 101,” an interactive session for understanding and managing digital certificates and PKI.  

This educational webinar is designed to provide an overview of machine identity security essentials, furnishing you with a solid grounding in the technologies that enable crypto-agility. 

In this session, our cybersecurity instructors will cover: 

- What is Machine Identity Security and why is it a Gartner 2025 top cybersecurity trend 

- A detailed explanation of certificates: what they are, how to obtain them, and their various uses. 

- An overview of Certificate Authorities and PKI. 

- The key components required for a comprehensive Machine Identity Security program. 

Join us for this foundational course and discover how automated machine identity solutions can enhance your security posture, streamline certificate management, and ensure compliance. This webinar is your opportunity to build a strong understanding of certificates and PKI, empowering you to protect your organization against evolving threats.

Mastering a Machine Identity Security (MIS) Strategy: Certificates and PKI 101

Inspired by some 90’s rock, our very own Brandon Traffanstedt (BT) is getting the CyberArk band back together for another tour! 

Join us for a high-energy jam session, as BT and special guests explore how to tackle expired certificates, manual processes, and legacy PKI issues that can sink your organization with outages. We’ll bring some new tunes, new demos and a few new surprises you haven’t seen before. 

And most importantly, we’ll show you how to scale and automate your machine identity security strategy against one of the fastest growing threats in security.

Join us and we’ll show how to: 

• Automate your strategy 
• Adopt shorter-life certificates & remove complexity 
• Reduce risk and cost of operating legacy PKI systems 
• Eliminate insecure and error prone manual processes

Rage WITH The Machines: How to Rock Your Machine Identity Security Strategy

As the industry shifts towards a 90-day standard for TLS certificate lifespans, organizations must adapt quickly to minimize the risk of outages due to expired certificates. Join us for an insightful webinar where we delve into the top critical automations needed to ensure your enterprise is prepared for this significant change. Venafi experts will guide you through the essential steps to automate certificate management across key components of your infrastructure, helping you maintain security, compliance, and uninterrupted service delivery.

Top 5 Critical Automations to Minimize Outages from 90-Day TLS Certificates

Managing certificates effectively has never been more critical, especially with the increasing complexity of modern infrastructures and the rise of 90-day and now 45-day certificate lifecycles. In this exclusive Q&A session with the Head of Technology Operations and Engineering at OneMain Financial, we explore the transformative impact of certificate lifecycle automation on business operations and career trajectories in tech. 

Watch to learn how automation can help you:
Mitigate compliance risks, ensure security and reduce manual overhead in certificate renewals.
Craft a compelling business case for automation, secure executive buy-in and build an effective roadmap for automating certificate management.
Strengthen collaboration across teams like DevOps, engineering and security.
Propel your career growth by championing automation and staying ahead of future trends in securing machine identities.

The Automation Advantage: Elevating Business Outcomes and Career Impact in Certificate Management

Secure certificates and PKI

The CA/Browser Forum has approved sweeping changes to the TLS certificate lifecycle, reducing the maximum validity for public certificates to just 47 days, down from today’s 398. Starting in 2026, these changes will roll out in phases, forcing teams to renew certificates more frequently and rethink how they manage risk and compliance.

In this 45-minute session, certificate security experts George Parsons and Ryan Hurst will break down what’s changing, the operational risks of delayed action, and how organizations can use automation and policy alignment to adapt at scale.

Many teams today still rely on manual processes to check TLS certificate expiration, increasing the chances of missed deadlines and unexpected outages. Shorter certificate lifespans mean even a single expired TLS certificate can disrupt critical systems. Whether you're managing five or 10,000 certificates, knowing how to maintain visibility is essential.

You’ll leave the session with a clear understanding of how to:

- Modernize your TLS certificate lifecycle management strategy
- Communicate risk across technical and business teams, leadership, and the Board
- Build this change into your budget now (and quantify inaction to frame your business case)
- Ensure your infrastructure is ready for 47-day renewal cycles — mandatory for public PKI, and increasingly valuable for internal PKI as well.

Join us to get ahead of the transition and bring resilience to your TLS/SSL certificate lifecycle.

The Countdown to 47 Days: Are You Ready for the Biggest Change in TLS Certificate Lifecycle Management?

Cybersecurity

Cloud Security

Vulnerability Management

Application Security

Automation

Compliance

Data Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Countdown to 47 Days: Are You Ready for the Biggest Change in TLS Certificate Lifecycle Management?

Presented by

About this talk

CyberArk