Technical Blog

Advantages of a Professionally Managed PKI

Posted by CSS Technical Team on Sep 22, 2016 1:55:14 PM

Cybersecurity Today

Ever-evolving security challenges are dominating today’s IT landscape. Malicious actors are using every avenue possible to access sensitive and valuable data, from social engineering and DDoS to brute force methods. For example:

Read More

Topics: Public Key Infrastructure, PKI, Public Key Infrastructure (PKI), PKI Managed Service, Managed Services

Old Tricks, New Targets

Posted by Will Clements on Sep 16, 2016 12:23:53 PM

Those of us in the information security field are all too familiar with the effectiveness of social engineering, and while there are still those who readily send money off to strangers from a simple phone call or email, people are generally getting better about not giving out their own personal information. But attackers are quick to adapt and have focused on a different target: your phone carrier. 

Read More

Topics: Mobile Device Hacking, Hacking, social engineering, SIM Card Hacking, T-Mobile SIM Card Hack, mobile carrier hacks

Don’t just manage your certificates - control your Public Key Infrastructure (PKI).

Posted by CSS Technical Team on Sep 8, 2016 9:36:06 AM

Featuring a lesson from the Death Star

Read More

Topics: PKI, Public Key Infrastructure (PKI), Star Wars, Death Star

Top 5 Root CA Key Signing Ceremony Mistakes

Posted by Wayne Harris on Aug 31, 2016 9:03:30 AM

Trust, as it pertains to most components within a Public Key Infrastruture (PKI) is earned. It’s established as the result of some sort of evaluation. An evaluation that often involves a revocation check or policy check.

In the case of the root CA however, trust is *not* earned. In the case of the root CA, trust is assigned. This assigned trust is quite often mandatory from the perspective of subscribers and relying parties.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Root CA Security, Root CA Key Signing Ceremony Mistakes

Infographic: 2016 PKI and IoT Security Predictions

Posted by CSS Technical Team on Aug 1, 2016 3:59:21 PM

In 2016 digital identity cyber crimes have grown exponentially. As businesses continue to brace against cyber adversaries and look to secure the Internet of Things (IoT), Public Key Infrastructure (PKI) is continuing to prove that it is an economical and reliable technology that delivers a secure and high-performance solution. Check out the infographic then the full blog to learn more about why each prediction was made and what it means to your business.

Read More

Topics: digital certificates, PKI, Public Key Infrastructure (PKI), Cyber Security

Who’s Tracking Who, Pikachu?

Posted by Will Clements on Jul 14, 2016 2:32:31 PM

The newly released Pokemon Go by Niantic for mobile devices is all the craze right now. With over 15 million downloads, and 1.6M in daily revenue in the US alone, it has become the most downloaded app of all time. To summarize, the application uses your GPS location to put Pokemon in the world for you to catch, and it places locations in the world to battle your Pokemon or collect items. It’s very much like Geocaching with virtual monsters.

Read More

Topics: Pokemon Go, Pokemon Go security, pokemon go privacy, Pokemon Go location tracking

Infographic: Digital Certificates and Cyber Security Stats

Posted by CSS Technical Team on Jun 21, 2016 3:39:55 PM

In 2016 CSS Research surveyed information security professionals on their current and anticipated digital certificate usage related to enterprise and Internet of Things (IoT) use cases. This infographic outlines key findings from the survey proving the importance of proper Public Key Infrastructure (PKI) and digital certificate usage and management in the fight against cyber crime.

Read More

Topics: digital certificates, PKI, Public Key Infrastructure (PKI), Cyber Security

The Risks of Cryptographic Anarchy

Posted by Wayne Harris on Jun 15, 2016 11:46:34 AM

Why are we talking about assurance?

‘Assurance’ in the realm of PKI, tends to be one of those topics that is almost guaranteed to send a PKI design meeting down a rabbit hole. And unfortunately, many customers prefer the blue pill, rather than committing to an effort commensurate with a rigorous examination of risk, impact and assurance in the certificate space.

Read More

Topics: PKI, Internet of Things, IoT, PKI CA, IoT Security, PKI for IoT

SAP's "The importance of client certificates in IoT"

Posted by Ted Shorter on Jun 9, 2016 1:56:24 PM

Jay Thoden van Velzen from SAP recently published a very interesting blog describing the use of certificate metadata as a mechanism to enhance IoT authentication.  We wholeheartedly agree with the approach.  CSS’ VerdeTTo solution is based on a similar concept, and allows us to leverage the massive scalability and certificate metadata capabilities of our CMS PKI operations management platform to transform certificates and metadata into device identities, attributes, and authenticators.

Read More

Topics: IoT, Internet of Things (IoT), SAP

Let’s Get Physical – Securing Your Enterprise’s Root Certificate Authority

Posted by Max Szaniawski on Jun 1, 2016 10:20:24 AM

Having the privilege to work with some of the best, if not the best PKI and security professionals in the field, I have learned the extreme importance of the practices used in securing the root certification authority (CA) platform. This includes software level security, hardware level security, and physical security.

Read More

Topics: Public Key Infrastructure, PKI, root CA, Securing a root CA, Root CA Security

Posts by Topic

see all

Want to Learn more about CSS?