How High Assurance Code Signing Can Make You a Hero

Peter DiToro, Thales e-Security
Advanced persistent threats (APTs) like Stuxnet and Duqu have caused many software-producing organizations to re-examine their code signing operations – specifically the security of private signing keys that underpin the integrity of the entire process. What many don’t realize is that they can both increase the assurance level of their code signing AND simplify and automate their code signing workflows at the same time!

Join Thales security expert Peter DiToro on April 24, 2012 at 2:00pm EST for an informative session where you will learn how to:
• Provide high assurance protection for private code signing keys and digital signature operations
• Automate and simplify code signing workflows in multi-workstation environments
• Apply cryptographic best practices to significantly reduce the risk of malicious software alteration and protect your brand.
Apr 24 2012
42 mins
How High Assurance Code Signing Can Make You a Hero
Join us for this summit:
More from this community:

Application Development

Webinars and videos

  • Live and recorded (1114)
  • Upcoming (40)
  • Date
  • Rating
  • Views
  • Jack Madden converses with James Rendell to get the CA perspective on Enterprise Mobility Management’s (EMM) future potential. EMM must not for get BYOD but also go beyond it into Mobile App Management (MAM) and find ways to keep users personal information and employers information separated and find a way to embrace the Internet of Things.
  • Jack Madden discusses Enterprise Mobility with Arun Bhattacharya to get the CA perspective on the way it should be. This means going beyond BYOD and MDM, and embracing MAM, MEM, MCM, and IoT. For many companies, finding the balance between employers and users privacy and security has been a problematic issues.
  • In this webinar, we’ll be going back to basics to cover what DevOps is and why should you care about it, but also discuss more advanced topics like proactively analyzing business applications during the development phase, and bringing down the silos between developers, IT operations, QA, and the business.

    Sign-up for this webinar with John Jelinek, the co-founder of DevOps Live, and Matt Zanderigo of Riverbed for some expert coaching on taking the plunge to DevOps, smoothing out the interaction between development and operations, and gaining visibility into application change to help speed up application rollouts.

    In this webinar, you’ll learn:
    •How to initiate a DevOps transformation, notable traits of successful DevOps cultures and how to get both Dev and Ops to work together effectively
    •How to ensure performance defects are discovered early with sufficient detail to fix the issue with Application Performance Management.
    •How companies like Michelin and National Instruments have reduced production issues up to 30%, and streamlined their application rollout process up to 6 times faster.

    Meet Our Guest Speaker
    John Jelinek is the co-founder of DevOps Live, a meetup group focused on bringing down silos between developers, IT operations, QA, and the business. John is also a Developer Evangelist for TradeStation Technologies, Inc. He helps software engineers build new innovations on the Web with the TradeStation WebAPI, a real-time source for financial market data. He lives in North Dallas with his wife and two daughters.
  • Tras crear un prototipo inicial de su aplicación para una vista previa limitada ya es hora de que el equipo pase a consolidar la arquitectura haciéndola más robusta y tolerante a los fallos antes de lanzarla oficialmente al público final.

    En este capítulo se tratan conceptos de la infraestructura de AWS tales como regiones y zonas de disponibilidad; además, se explica cómo utilizar tales características para incrementar la tolerancia de la aplicación a los fallos.

    Servicios y características tratados
    •Conceptos clave sobre infraestructura (regiones y zonas de disponibilidad)
    •Equilibro de carga elástico (Elastic Load Balancing)
    •Amazon RDS

    Demostración
    •Creación de una AMI basada en una instancia en ejecución
    •Creación y configuración de un equilibrador de carga elástico
    •Zonas de disponibilidad múltiples con Amazon RDS
    •Alarmas con Amazon CloudWatch
  • Una vez expandida con éxito la capacidad del centro de datos a Amazon Web Services para los entornos de desarrollo y prueba, el equipo de IT se enfrenta a un nuevo reto en cuanto a la capacidad, es decir, cómo almacenar la cada vez mayor cantidad de datos generados por las aplicaciones empresariales y mantener los costes a la baja. Además, también se enfrentan al reto de mantener copias de seguridad de esos datos de manera adecuada.

    Este capítulo aborda ambas cuestiones con servicios como Amazon S3 y Amazon Glacier.

    Demostración:

    •AWS Storage Gateway
    •Datos de Amazon S3 a Amazon Glacier

    Servicios y características tratados:
    •Amazon S3
    •Amazon Glacier
    •AWS Storage Gateway
    •AWS Import / Export
  • Enterprises are realizing that the opportunity of data analytics is maximum when the data is fresh and represents the "current reality" of operations or customer experience. The business value of data dramatically falls with its age.

    As IT and line-of-business executives begin to operationalize Hadoop and MPP based batch Big Data analytics, it's time to prepare for the next wave of innovation in data processing.

    Join this webinar on analytics over real-time streaming data.

    You will learn about:
    •How business value is preserved and enhanced using Real-time Streaming Analytics with numerous use-cases in different industry verticals
    •Technical considerations for IT leaders and implementation teams looking to integrate Real-time Streaming Analytics into enterprise architecture roadmap
    •Recommendations for making Real-time Streaming Analytics – real – in your enterprise
    •Impetus StreamAnalytix – an enterprise ready platform for Real-time Streaming Analytics
  • This Analyst Briefing will cover key findings from Frost & Sullivan’s suite of video technology research for 2013, as well as the Digital Media research team’s impressions and conclusions from the 2014 National Association of Broadcasters (NAB) Show, taking place April 5-10, 2014 in Las Vegas.

    Reasons to Attend:

    •Understand key technical trends in content delivery and monetization, and their impact on video encoding/transcoding offerings
    •Gain insight into worldwide market growth opportunities
    •Receive highlights related to the competitive landscape
    •Identify customer perceptions and requirements when choosing vendors and solutions
  • Many customers who want to deliver application releases quicker, find bugs earlier and eliminate testing infrastructure turn to Capgemini’s Test Environment Management (TEM) services, which leverages CA LISA® Service Virtualization. The TEM methodology incorporates automated regression testing and virtual test environments; enabling greater coverage of non-function tests. The resulting test environment expedites delivery of new application features to business users, reduces costs and ensures higher quality production systems.

    Join CA Technologies & Capgemini on April 16, 2014 at 10:00 am ET to learn how these capabilities are delivered by Capgemini, the functionality of the CA Technologies tools that make it possible, and a customer’s experience with the Capgemini TEM - CA Technologies solution.
  • Questo è il primo episodio di una serie di webinar che illustreranno le diverse modalità in cui AWS viene utilizzato dai team di sviluppo agili. Tutti gli episodi faranno riferimento a una startup impegnata nell'apertura di una nuova area di business, illustrando i vantaggi offerti dall'utilizzo di AWS. La startup puo' essere una nuova realtà o un centro di innovazione all'interno di una azienda esistente, ad esempio per seguire il lancio di un nuovo prodotto.

    In questo episodio vengono descritti i principali vantaggi di AWS per le startup e i team IT agili, soffermandosi su come il team abbia sviluppato rapidamente un prototipo funzionante utilizzando i diversi servizi offerti dalla piattaforma.
  • Join AWS for this Building Scalable Web Applications webinar where we will explain the key architectural patterns used to build applications in the AWS cloud, and how to leverage cloud fundamentals to build highly available, cost effective web-scale applications.

    You will also learn how to design for elasticity and availability within AWS using a common web architecture as a reference point and discuss strategies for scaling, security, application management and global reach. If you want to know how to make your applications truly scale then join this webinar to learn more.

    Reasons to attend:

    • Understand the architectural properties of powerful, scalable and highly available applications in the Amazon cloud
    • Learn about Amazon regions and services that operate within them that enable you to leverage cloud scaling
    • Discover how to manage data with services like Amazon S3, Amazon DynamoDB and Amazon Elastic MapReduce to remove constraints from your applications as your achieve web-scale data volumes
    • Hear about customer case studies and real-world examples of scaling from a handful of resources to many thousands in response to customer demand

    Who should attend?

    • Developers, operations, engineers and IT architects who want to learn how to get the best from their applications in AWS
  • Channel
  • Channel profile
Up Down
  • Future Proof Your Network: EMV, Mobile and the Cloud are Here Apr 30 2014 5:00 pm UTC 60 mins
    The EMV liability shift is fast approaching in the United States. Along with the emerging trend towards innovative mobile payment solutions, this means that core infrastructures need to be enhanced to support new payment methods and channels – often with additional security, risk and lifecycle requirements. Now is the time for financial issuers to develop a future payments strategy that will enable you to migrate efficiently and quickly to EMV chip based technology, and adapt to stay competitive in this period of high disruption.
    Attendees will learn:
    •Facts vs. myths about EMV and how it reduces fraud
    •How the top 5 short-term challenges of EMV migration can be solved
    •The versatility of EMV and real-world examples of how it facilitates so much more than fraud reduction
    •EMV uses beyond cards – mobile (NFC) payments & host card emulation (HCE)
    •Examples of Bell ID and Thales e-Security deployments for EMV card and mobile payments
  • 5 Ways to Measure the Quality of Your Crypto Apr 24 2014 6:00 pm UTC 60 mins
    Encryption, and cryptography in general, has been thrust into the spotlight as a critical technology for combating surveillance, data breaches, insider threats, and more. But encryption is no silver bullet, and the quality of its implementation is the major determining factor in the protection it actually provides. Join us on Thursday April 24 to learn about:
    •Five ways you can measure the quality, or trust level, your crypto systems provide
    •Effective strategies for dealing with the key management pain many organizations are starting to feel as they increase their deployment of cryptography
    •Use cases for strong cryptography and trusted key management with hardware security modules (HSMs)
  • Persistent Information Protection, Deploying Microsoft RMS with Thales HSMs Recorded: Feb 12 2014 87 mins
    Want to have a deeper understanding of how to deploy Microsoft Rights Management Services (RMS) with the added capability of generating and controlling your own key that secure your sensitive data? Join us for a joint webinar with Microsoft, Synergy Advisors, and Thales to learn how to deploy Microsoft RMS with the unique bring your own key (BYOK) capability across multiple operational scenarios including:

    • Subscription-based service in Azure
    • On-premises in Windows Server
    • Cross-premises in mixed environments

    You will also learn how to take advantage of the BYOK offering to secure your RMS private key within a Thales hardware security module (HSM) to maintain control of the critical keys securing your most sensitive data and intellectual property.
  • Persistent Information Protection, Extending the Use of HSM Within Microsoft RMS Recorded: Feb 11 2014 58 mins
    Want to take advantage of the cloud for collaboration but feel you will lose control of your sensitive data? Join us for a joint webinar with Microsoft, Synergy Advisors, and Thales to learn how you can deploy a unique solution that enforces strict security policies on your data assets and achieves persistent information protection. Learn how to:

    • Deploy new features and capabilities of Microsoft Rights Management Services (RMS)
    • Protect your sensitive files in any format and in any device, including iOS and Android
    • Share protected information with anyone, inside and outside your own organization

    You will also learn how the unique bring your own key (BYOK) capability enables you to generate and safeguard your own RMS private key within a Thales hardware security module (HSM), ensuring you that Microsoft operators cannot see or leak the keys during import or use.
  • Identity as a Service – Strong Enough for Government? Recorded: Nov 13 2013 59 mins
    For many companies thinking about moving sensitive data to the cloud, security issues remain a significant concern. But Operational Research Consultants Inc. (ORC) and Thales e-Security are proving that the cloud really can be made as safe or even safer than on-premise deployments even for organizations as security-focused as the U.S. Federal Government.
    Join Daniel Turissini, CTO, WidePoint Corp. and Founder of ORC, Inc., a WidePoint company, and Richard Moulds, VP Product Marketing & Strategy at Thales e-Security
  • The cryptographic landscape is shifting – how do you stay safe? Recorded: Oct 30 2013 59 mins
    The recent Snowden disclosures regarding the NSA’s alleged activity, as well as its influence on NIST and other organizations, put existing industry standard cryptographic algorithms and key lengths under renewed scrutiny. Equally, academic analysis of the same algorithms may indicate their useful lifecycle to be shorter than previously predicted. This combination may precipitate the need for rapid shifts from outdated algorithms and key strengths, to different ones less susceptible to attack or collisions.

    In this webinar, analyst Securosis will discuss these important landscape changes and you’ll hear strategies for managing the cryptographic algorithm and key length elements necessary for data protection, separate from core application functions so that algorithms can be replaced quickly and administratively - without requiring changes to application code. You’ll leave knowing how Prime Factor’s EncryptRIGHT makes encryption easy and Thales HSMs make encryption even stronger!
  • Proteção de Dados: Como as Empresas Brasileiras utilizam a Criptografia Recorded: Oct 23 2013 61 mins
    Veja como as organizações brasileiras estão aumentando o uso da criptografia para atender aos novos regulamentos e aos ataques cibernéticos. Pesquisa multi-nacional da Thales conclui que a criptografia e o uso de chaves criptográficas tem se tornado questões estratégicas de negócios para abordar os regulamentos de segurança e gerenciar os riscos
  • Mobile payments- are you in control? Recorded: Sep 17 2013 50 mins
    Join Entrust and Thales e-Security as we share our practical knowledge of securing mobile payment solutions, underpinned by real-world use cases and proven technology. If mobile payments are important for your future company success please register below to join us and learn more about how we can help.
  • Trends in Cloud Encryption Recorded: Jun 26 2013 62 mins
    Organizations more confident transferring sensitive data to the Cloud despite data protection concerns. Join Thales e-Security and the Ponemon Institute as we discuss the results of a new survey on cloud security that shows an increasing number of organizations transferring sensitive or confidential data to the cloud despite concerns over data protection. The Encryption in the Cloud global study interviewed more than 4,000 organizations in seven countries and was conducted by the Ponemon Institute and commissioned by Thales.

    This webinar will discuss the results of the 2012 study that examines perceptions and current practices surrounding the threats and protection issues relating to sensitive or confidential data in the cloud. We’ll reveal surprising attitudes about who is considered responsible for protecting this valuable and often regulated class of data – the cloud service provider or cloud service consumer. The findings are also significant in explaining how that data is protected and where data encryption is applied inside and outside the cloud. Most important is who manages the associated encryption keys and therefore who ultimately controls access to the data. Join us to learn more and download a copy of the new Encryption in the Cloud report.
  • Simplifying DNSSEC - Managing DNSSEC Has Never Been Simpler Recorded: Mar 27 2013 50 mins
    Join BlueCat and Thales for a solution webinar on how you can better protect your sensitive data with DNS security extensions (DNSSEC). The Domain Name System (DNS) is what allows you to connect to anything and anyone on the Internet. Yet for all its business criticality, most organizations don’t properly secure it. DNSSEC provides a trust relationship within DNS that protects your organization from falling prey to attacks or attempts to steal your – or your customers’ – data.

    Managing DNSSEC security keys has traditionally been complex, costly and time consuming, but it doesn’t need to be. BlueCat combines the ultra-high security of the Thales nShield Connect HSM with the simplicity of our IP Address Management (IPAM) platform to deliver the simplest and most secure solution available for managing DNSSEC. Learn what to look for in a DNSSEC solution and why some of the most demanding and secure organizations in the world trust BlueCat to securely manage their networks.
  • Encryption as a Barometer – What’s Your Security Posture? Recorded: Mar 12 2013 61 mins
    Global Encryption Trends Report: Encryption usage is an indicator of a strong security posture. Is your organization ready? Organizations that deploy encryption extensively throughout the enterprise as opposed to limiting its use to a specific purpose are more aware of threats to sensitive and confidential information and spend more
    on IT security.

    The Ponemon Institute and Thales e-Security are pleased to present the findings of the 2012 Global Encryption Trends Study. Ponemon surveyed 4,205 business and IT managers in the United
    States, United Kingdom, Germany, France, Australia, Japan and Brazil. The purpose of this
    research was to examine how the use of encryption has evolved over eight years and its impact of this technology on the security posture of organizations. Join us to learn more and find out how you can determine the barometer of your company’s overall security posture!
  • Understanding and Selecting a Key Management Solution Recorded: Feb 5 2013 63 mins
    Organizations that are expanding their use of encryption technology for data protection are increasingly turning their attention to developing an overarching enterprise key management strategy. However, the complexities of meeting current needs while trying to account for future requirements and evolving virtualization and cloud computing initiatives can easily cause confusion and frustration. This webinar, the second in a two-part series from Securosis and Thales e-Security focused on key management, explains deployment options, describes important technology and management features, and includes a practical checklist to use when selecting a key management solution to best fit the needs of specific projects and environments.
  • Data Protection in the Cloud – Whose problem is it really? Recorded: Dec 12 2012 45 mins
    Using cloud computing is like climbing a mountain – the higher you go the harder it is to climb. Moving mundane tasks to the cloud is easy, but for security centric applications the move is harder to make and for those involving regulated data the day may never come. That’s a shame because it’s in just these areas where the strongest economic incentives for moving to the cloud lie. The question is, who is best placed to establish the appropriate security in order to make this particular mountain easier to climb? Should cloud users plan on a “Bring Your Own Security” approach where they assume that the cloud is essentially an untrusted environment where they must wrap their own security around their applications and data, or should cloud providers be responsible for providing appropriate protection as part of a trusted cloud platform where users can feel safe and do what they do best – build applications? This presentation will address the tradeoffs as well as provide practical guidance regarding data protection approaches in a cloud environment.
  • Assessing a PKI Against Today’s Changing Requirements - Helping Ensure a Strong Recorded: Oct 24 2012 62 mins
    Thales PKI Webinar: The suitability and trustworthiness of a PKI must be regularly assessed as more higher value applications increasingly depend on it. As the demands on previously deployed PKIs change, consultants and PKI implementers can play a valuable role by examining usage, applications, and data to ensure the appropriate levels of assurance are in place. With the backdrop of well-known attacks on sensitive data, as well as technology advances, implementers must consider critical security factors including:

    . Growing industryand government regulatory compliance requirements
    . Today’s increased threat environment and sophistication of attacks
    . Supported applications and the sensitivity of the data they process
    . Expanded use of a PKI to support mobility and cloud computing
    . Transition to longer RSA key lengths and alternative algorithms

    Join our webcast to learn how to create awareness of the critical need to assess PKIs in the face of new developments, and to ensure they can still do the job. This informative Microsoft PKI implementers session will provide you:

    . A security blueprint to create awareness in this critical security matter
    . A framework to examine PKI needs against required assurance levels
    . A set of best practices to develop action plans to strengthen their PKIs
    . Information about how Thales nShield hardware security modules (HSMs) can enhance the assurance level of Microsoft PKIs
  • Pragmatic Key Management for Data Encryption Recorded: Oct 18 2012 59 mins
    Securosis/Thales e-Security Webinar: Over the years, key management has developed a dubious reputation – in a large part due to numerous crypto-enabled products failing to meet enterprise requirements for full lifecycle key management and few being genuinely easy to use. Fortunately, new techniques and tools remove much of the historical pain of key management, setting the stage for better experiences with mature technologies like encryption and PKI as well as a host of new and innovative applications.

    In this webinar, Securosis and Thales review encryption and key management basics, outline the four primary key management strategies, show how they map to typical enterprise use cases, and review how to choose a strategy that best fits your organization today while preparing you for tomorrow’s needs.
  • Encryption in the Cloud - Thales/Ponemon Recorded: Sep 25 2012 60 mins
    This Cloud focused webinar is based on the Ponemon research that considers how encryption is used to ensure sensitive or confidential data is kept safe and secure when transferred to external-based cloud service providers. Together, Thales & Ponemon discuss important findings that demonstrate the relationship between encryption and the preservation of a strong security posture in the cloud environment. Based on the research, organizations with a relatively strong security posture are more likely to transfer sensitive or confidential information to the cloud. We'll cover high-level questions asked and issues sought by this research including:

    . What percent of organizations currently transfer sensitive or confidential data to external cloud-based services?
    . Who is most responsible for protecting sensitive or confidential data transferred to an external cloud-based service provider? Is it the cloud provider, the cloud consumer or is it a shared responsibility?
    . Do organizations have the ability to safeguard sensitive or confidential data before or after it is transferred to the cloud?
    . Do respondents believe their cloud providers have the ability to safeguard sensitive or confidential data within the cloud?
    . In the eyes of respondents, does the adoption of cloud services impact their organization’s security posture?
    . Where is encryption applied to protect data that is transferred to the cloud?
    . Do organizations fully comprehend or even have visibility of the steps or measures taken by the cloud provider to protect sensitive or confidential data?
    . Who manages encryption keys when sensitive and confidential data is transferred to the cloud?
  • Appliance Key Management Advantages for IBM Storage Encryption Recorded: Jul 12 2012 39 mins
    How can you be sure you can recover your data, long-term, ensure that keys are protected from theft, and limit access to all but legitimate users? Key management is the foundation to deploying encryption successfully.
    During this webinar Thales e-Security and IBM will discuss:
    • The importance of key management for effective encryption solutions
    • Determining environmental readiness and solution qualifying criteria
    • Six critical requirements of a robust key management system
    • A best of breed approach: IBM software in a security-hardened appliance

    Whether yours is a small enterprise looking for a reliable point solution, or a global organization with a large investment in centralized IT services, this presentation will inform you on how today’s solutions provide the right fit to accelerate adoption and plan for future growth.
  • O crescimento da Criptografia na Protecao de Dados Recorded: Jun 27 2012 28 mins
    Veja como as organizações brasileiras estão aumentando o uso da criptografia para atender aos novos regulamentos e aos ataques cibernéticos. Pesquisa multi-nacional da Thales conclui que a criptografia e o uso de chaves criptográficas tem se tornado questões estratégicas de negócios para abordar os regulamentos de segurança e gerenciar os riscos
  • Data Protection in the Cloud – Whose Problem Is It Really? Recorded: May 23 2012 46 mins
    Using cloud computing is like climbing a mountain – the higher you go the harder it is to climb. Moving mundane tasks to the cloud is easy, but for security centric applications the move is harder to make and for those involving regulated data the day may never come. That’s a shame because it’s in just these areas where the strongest economic incentives for moving to the cloud lie. The question is, who is best placed to establish the appropriate security in order to make this particular mountain easier to climb? Should cloud users plan on a “Bring Your Own Security” approach where they assume that the cloud is essentially an untrusted environment where they must wrap their own security around their applications and data, or should cloud providers be responsible for providing appropriate protection as part of a trusted cloud platform where users can feel safe and do what they do best – build applications? This presentation will address the tradeoffs as well as provide practical guidance regarding data protection approaches in a cloud environment.
  • Increasing Encryption Deployment- Response to Compliance & Cyber Attacks Recorded: Apr 26 2012 41 mins
    Thales e-Security and Ponemon Institute have partnered within the security community to identify and understand the trends that shape the market. This webinar will examine the usage of encryption and how it has been evolving. Having recently completed the “2011 Enterprise Encryption Trends Report” that focuses on compliance pressures and cyber-attacks targeting sensitive data that is leading IT organizations to alter their encryption strategies, this webinar will provide insight from surveyed I.T. workers across various job functions. You'll hear how they're leveraging encryption technology in order to protect their critical information assets. Since compliance laws differ around the world, encryption trends tend to vary greatly in various markets. Are your assets being fully protected?

    Join Thales e-Security and guest speaker Larry Ponemon to learn more about this exciting webinar topic on April 26, 2012 at 2:00 pm EST!
Encryption and Key Management Solutions
Data protection and security solutions to help companies meet compliance and protect the security of your most sensitive data leveraging encryption and key management.
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How High Assurance Code Signing Can Make You a Hero
  • Live at: Apr 24 2012 6:00 pm
  • Presented by: Peter DiToro, Thales e-Security
  • From:
Your email has been sent.
or close
You must be logged in to email this