Jason Soroko is an experienced security technology innovator, responsible for the product team that drives innovation at Sectigo. He is responsible for interfacing with customers, researching, innovating, educating, and contributing to strategy, national-level guidance, intellectual property development, and consortium standards. Solving real business problems by synthesizing state-of-the-art security with real-world operational needs is what Jason does best.
Recent posts from Jason Soroko
Webinar
Bugzilla – the real issue of missed revocations
May 22, 2024
March and April 2024 have seen more than 25 new Bugzilla bugs being written up – more than 10 times the typical pace.
Podcast
Root Causes 386: Meta Commits MITM Attack On Its Users
May 13, 2024
In 2016 Meta (then Facebook) set up a system to get around encryption and spy on traffic between its users and competing social media platforms.
Podcast
Root Causes 385: Failed Revocation and Wildcard Certificates
May 10, 2024
We discuss misuse of wildcard certificates, failure to revoke on time, and how these two failures magnify each other.
Podcast
Root Causes 384: So What Is a Senior Fellow Anyway?
May 07, 2024
Jason has a new title, Senior Fellow. In this episode Jason explains what his new focus will be and how this will be good for Root Causes.
Podcast
Root Causes 383: Delayed Revocation Events by the Numbers
May 02, 2024
An epidemic of delayed revocations has infected the public CA community. We track delayed revocations since the beginning of 2021 and discuss root causes.
Podcast
Root Causes 382: Mobile Phone Malware Steals Faces for Access
Apr 29, 2024
New malware photographs users' faces to defeat authentication mechanisms. Biometrics are not "secrets."
Podcast
Root Causes 381: Apple Chip Sideloading Attack Leaks Encryption Keys
Apr 26, 2024
A newly revealed side channel attack enables theft of private keys from M-series Apple chips. We explain.
Podcast
Root Causes 380: If Quantum Supremacy Comes Earlier Than Expected
Apr 23, 2024
We talk about the challenges to PQC migration and what happens if quantum computers break RSA before we're expecting them to.
Webinar
Webinar: An introduction to managed private CAs
Apr 18, 2024
An introduction to managed private CAs: the common use cases of private CAs, helping to provide tighter control of authentication with digital certificates