Root Causes: A PKI and Security Podcast
28 minutes | a day ago
Root Causes 143: The Four Pillars of Certificate Automation
In this episode our hosts explain the Four Pillars of Certificate Automation: deploy, discover, revoke/replace, and renew. They detail what these pillars entail and why they're important. They also discuss the umbrella capability of visibility, which affects all four pillars.
12 minutes | 4 days ago
Root Causes 142: Removing Street Address and Postal Code from Public Certificates
On March 1 Sectigo will remove street address and postal/zip code information from its public certificates of all types. Our hosts explain the reasons for and advantages of this upcoming change, along with answers to some of the common questions we receive.
19 minutes | 11 days ago
Root Causes 141: The Case for Shorter Certificate Lifespans
Recent years have seen multiple reductions in the maximum term for public SSL certificates. Our hosts are joined by guest Nick France to discuss the benefits of shorter certificate lifespans for both public and private CAs.
20 minutes | 16 days ago
Root Causes 140: SSL Attacks Using BGP (Border Gateway Protocol)
BGP, or Border Gateway Protocol, controls traffic routing on the internet. Real and theoretical attacks over the years have been revealed against BGP with varying levels of success, including recent research on how BGP attacks can be used to improperly obtain DV certificates. Our hosts explain them along with recent industry actions intended to thwart such attacks.
10 minutes | 18 days ago
Root Causes 139 - Exposed Private Keys In CSR Submissions
Public CAs recently have discovered a repeated error whereby certificate subscribers accidentally include the private key along with CSR submissions. Our hosts break down this phenomenon and its implications.
14 minutes | a month ago
Root Causes 138: IoT Cybersecurity Improvement Act of 2020
A new US law called the IoT Cybersecurity Improvement Act of 2020 creates security requirements for IoT devices sold into the US government. Join us as we explain these new requirements and why this law's reach is likely to extend further than the US governmental procurement process.
31 minutes | a month ago
Root Causes 137: SolarWinds Supply Chain Attack and Digital Identity
The SolarWinds Orion supply chain attack is making headlines throughout the tech press. This sophisticated attack includes some unusual manipulations of digital identity and certificates. In this episode we explain how certificates, keys, and identity play into the SolarWinds exploit.
14 minutes | a month ago
Root Causes 136: 2020 Lookback - Quantum Safe Certificates
In the third of our year-end lookback episodes, we discuss 2020's progress in the quest for quantum-safe encryption. This includes narrowing the NIST candidate list down to fifteen algorithms, the availability of test hybrid certificates, and the trouble with long-lived IoT devices. Our hosts predict what 2021 will look like for quantum-safe certificates.
25 minutes | a month ago
Root Causes 135: The Heartbleed Vulnerability
In April 2014 a software vulnerability called Heartbleed was discovered in OpenSSL. Heartbleed made it possible for attackers to send commands to web servers and steal their private keys. Certificate subscribers around the world had to scramble to patch their servers and replace certificates by the millions. Guest Nick France joins us to explain this vulnerability, its consequences, and whether or not a Heartbleed-like vulnerability could occur today.
24 minutes | a month ago
Root Causes 134: 2020 Lookback - SASE and Zero Trust Architecture
2020 was a big year for SASE (Secure Access Service Edge). Our hosts define SASE, ZTNA (Zero Trust Network Architecture), and SDP (Software Defined Perimeter). Our hosts discuss how these technology principles gained momentum in 2020 and why they are poised for continued growth in 2021.
24 minutes | 2 months ago
Root Causes 133: 2020 Lookback - COVID-19
In 2020 the COVID-19 pandemic changed the way we work. IT departments had to gear up for near-ubiquitous work-from-home (WFH) requirements while maintaining productivity and security. Our hosts talk about the pandemic's effect on employee authentication and access, Zero Trust, IT enablement of retail, immunity passports, and more.
17 minutes | 2 months ago
Root Causes 132: Examining MFA Through Soft Tokens
In our ongoing examination of MFA, our hosts examine authentication through soft-token OTP (one-time passcode). They go over the potential benefits and pitfalls of soft tokens, and compare them to SMS tokens and hard tokens.
17 minutes | 2 months ago
Root Causes 131: Apple OCSP Slowdown Explained
The recent release of Apple's Big Sur OS appears to have driven a temporary slowdown in the company's OCSP responders, affecting code updates across all Apple operating systems. Guest Nick France joins us to explain what appears to have happened and why.
16 minutes | 2 months ago
Root Causes 130: How to Get Rid of Password Breaches
Massive password breaches have been so repeatedly prevalent for so many years that as an industry and a society we've just started to accept them as a fact of life. In this episode we discuss the weaknesses of passwords as a strategy and why they nonetheless are so common even today. We describe the roadmap for eventually weeding out passwords from most systems.
15 minutes | 2 months ago
Root Causes 129: Examining MFA Through Hard Tokens
Hard tokens are one of the oldest multi-factor authentication (MFA) form factors there are, and they are still in use today. In the latest in our series of explorations of MFA strategies, we examine the strengths and weaknesses of hard tokens as an MFA strategy.
15 minutes | 2 months ago
Root Causes 128: What Is Total Certificate Agility?
First we had crypto agility, which is how we ensure our cryptography stays current with the needs of security. Expanding on this concept, industry leaders are now looking at certificate agility, which is building our systems so that all certificates are known, current, and immediately replaceable. Our hosts explain certificate agility, why it's important, and what you need to do to achieve it.
14 minutes | 3 months ago
Root Causes 127: What Does a Chief Compliance Officer at a Public CA Do?
Our co-host Tim Callan has changed his title to Chief Compliance Officer. Join him and co-host Jason Soroko as they discuss what compliance means at a public Certificate Authority (CA) like Sectigo and what the Chief Compliance Officer does.
18 minutes | 3 months ago
Root Causes 126: IoT Ransomware
New research shows how ransomware attacks could be launched against IoT devices. Our hosts are joined by Alan Grau to understand these attacks and what can be done to defend against them, including technical controls such as strong identity and embedded firewalls.
11 minutes | 3 months ago
Root Causes 125: Digital Identity Versus IAM
Digital certificates and PKI provide digital identity and access. Identity and Access Management (IAM) is a huge technology category featuring major players like Okta, DUO, and Ping Identity. And despite the fact that they feature a lot of the same words in their descriptions, these two categories are entirely different spaces that do entirely different things. In this episode we explain the difference between digital identity certificates and IAM platforms and how they fit in together.
10 minutes | 4 months ago
Root Causes 124: Biometric MFA
As part of our ongoing series on the pros and cons of various forms of multi-factor authentication (MFA), in this episode we explore biometrics. Our hosts discuss their strengths and weaknesses and the idea that biometrics are more about proof of possession than identity authentication.
© Stitcher 2020