PKI Blog

How to Regain Control of Compromised IoT Device Certificates

Posted by JD Kilgallin on Apr 25, 2018 3:19:42 PM

Imagine a world with no access controls. A free for all resulting in chaos thanks to broken processes, zero audit trails, and no way to administer rights to the appropriate devices or people. Luckily, today’s IoT driven world is layered with access controls designed to streamline and simplify alongside of prioritizing the most important aspect - security. With CMS VerdeTTo and the VerdeTTo Access Valve for ThingWorx, devices can be constrained to only access systems under certain conditions, such as connecting from certain known locations or during certain expected operating hours. VerdeTTo also allows devices with compromised certificates to quickly be disabled, preventing them from accessing network resources and systems. Just one click changes a metadata value for the compromised certificates through the VerdeTTo portal, while the VerdeTTo Access Valve immediately terminates the device’s access to the ThingWorx platform. But once a device is compromised (especially if a broad range of devices are compromised) how do you securely bring everything back online?

Read More

Topics: Public Key Infrastructure, PKI, IoT, Internet of Things (IoT), LiveWorx, Cryptography

How to Find and Protect Code Signing Certificates

Posted by CSS Technical Team on Apr 6, 2018 11:33:57 AM

The demand for trust in today's uber-connected digital society is unprecedented. Consumers of software require guaranteed proof that the application they are using is legitimate. Secure code signing validates the author of the software and proves that the code has not been altered or tampered with after it was signed. Trusted code signing certificates are used to verify authenticity, but what is preserving the integrity of those certificates?

Read More

Topics: Public Key Infrastructure (PKI), Crypto-agility, weakening cryptography, secure code signing, find code signing certificates

7 Beneficial Features You’re Missing Without a Certificate Lifecycle & PKI Operations Platform

Posted by Sami Van Vliet on Mar 30, 2018 2:40:07 PM

Overwhelmed by manual Public Key Infrastructure (PKI) & certificate management processes? Burdened with worry of rogue certificates or certificate-related outages? Worried you've lost all control of your PKI? Stop losing and start gaining control by actualizing the features and benefits not available when manually managing your digital certificates and PKI.

Read More

Topics: expired digital certificates, PKI management, efficient certificate management

How to Gain Guaranteed ROI with a Managed PKI

Posted by Chris Hickman on Mar 23, 2018 10:05:44 AM

What is a Managed PKI? - Your PKI, Our Management and Service
CMS Sapphire™ professionally managed Public Key Infrastructure (PKI) from Certified Security Solutions (CSS) allows you to maintain complete control over the use of your Root CA keys and PKI recovery materials while transferring day-to-day PKI management and oversight to experts.

Read More

Topics: Managed PKI, Public Key Infrastructure, ROI PKI, managed public key infrastructure

Automating SAN Compliancy with CMS 5.0

Posted by Jonathan Ossovicki on Mar 1, 2018 4:52:41 PM

Chrome 58 Patch Stirs up Controversy and Commotion

A few short months ago Google released a patch (v.58) on its widely used Chrome browser. This patch being released forced us all to question the way we are doing certificate issuance and retroactively broke a lot of browser and webserver connections simultaneously.

Read More

Efficient Digital Certificate Management with APIs

Posted by JD Kilgallin on Feb 23, 2018 10:47:23 AM

A good API makes the difference between a software application and a software platform. Without an API, a software product is a special-purpose tool for a pre-defined set of specific operations. With a good API, though, it can become a powerful, modular platform with capabilities that go well beyond what its developers originally imagined. Tasks that otherwise require thousands of clicks and keystrokes can be reduced to a single keystroke to launch a script. And business processes that require multiple software applications can be seamlessly integrated so that the end users don't even have to know what software is being used. This is all true of CMS, and with the launch of CMS 5.0 and the CMS PowerShell SDK, the API-based capabilities of CMS are more powerful than ever and easier to use!

Read More

Topics: digital certificate management, PowerShell, API, PowerShell SDK, efficient certificate management

Leveraging Existing Technology for Flexible and Extensible Certificate Reporting

Posted by Jack Palivoda on Feb 16, 2018 3:40:58 PM

Reporting requests can go on forever, and most software provides the ability to create and deliver reports via an integrated reporting tool. While making reporting easy for third-party vendors, usually this limits customer flexibility to extend reporting to meet specific business needs. These new reports require new investments.

Read More

Topics: Certificate Reporting Tool, PKI, Certificate Management System, Microsoft SQL Server, SQL Server Report Server

A New Look for the Release of CMS 5.0

Posted by Sarah Jaconski on Feb 13, 2018 4:10:59 PM

With CMS 5.0, modernizing the user interface (UI) and improving the user experience was a top priority. The UI pre-5.0 was effective, however CSS has grown as a company and product since, and our UI now reflects our growth in this recent release. As a developer at CSS, I had the responsibility to design the new UI for CMS 5.0, and I am excited to share all the benefits the new UI will bring to our clients.

 

Read More

Topics: Certificate Management System (CMS), User Interface

2018 Predictions for the Internet of Things (IoT)

Posted by Anthony Ricci on Jan 5, 2018 11:32:34 AM

As with any new year, there are with plenty of expectations and predictions.  There is nothing different about this year.  Especially as it relates to the Internet of Things (IoT). With over 20 billion current “connected” devices and an expected 6 trillion dollars by 2020, there are not a “lack” of predictions.  Even less surprising are the security concerns surrounding these devices.  With every new device that is activated, security exposure becomes exponentially greater.

Read More

Topics: IoT, Internet of Things (IoT), IoT Security

PKI and HSMs: 'Kernel memory leaking' Intel processor design flaw

Posted by Rex Wheeler on Jan 3, 2018 9:28:16 PM

At CSS we are all about helping our customers manage their Public Key Infrastructure (PKI). We always recommend that customers store their important private keys using Hardware Security Modules (HSMs) because without an HSM it is hard to protect your keys from malware or misconfigured security in your operating system. It turns out there is another good reason that due to extreme rarity is not considered often: CPU flaws.

Read More

Topics: PKI HSM, HSM, Intel, Kernel memory leaking

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?