certificate authority
Let’s Encrypt works toward post-quantum certificates at web scale
Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to the web without …
NTLM relay attacks are back from the dead
NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – …
Shorter TLS certificate lifespans expected to complicate management efforts
76% of security leaders recognize the pressing need to move to shorter certificate lifespans to improve security, according to Venafi. However, many feel unprepared to take …
EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the …
3 ways to achieve crypto agility in a post-quantum world
Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
Evaluating the use of encryption across the world’s top one million sites
A new report from security researcher and TLS expert Scott Helme, evaluates the use of encryption across the world’s top one million sites over the last six months and reveals …
Lack of CLM maturity is putting organizations at risk
More than a year after the historic and damaging SolarWinds attack, nearly 65% of organizations still are unable to secure and govern the growing volume of machine and …
Why machine identities matter (and how to use them)
The migration of everything to the cloud and corresponding rise of cyberattacks, ransomware, identity theft and digital fraud make clear that secure access to computer systems …
EV certificate usage declining: Is the internet becoming more secure?
Driven by the acceleration of digital transformation and cloud migration during the pandemic, the analysis of the world’s top 1 million sites over the last 18 months shows …
Researchers shed light on hidden root CAs
How widespread is the use of hidden root CAs and certificates signed by them? To answer that and other questions, a group of researchers from several Chinese and U.S. …
Network and IoT security in a zero trust security model
You can never be too careful when it comes to network and IoT security. With a rapidly growing number of disparate devices being connected to corporate and industrial …