-
Podcast Dec 05, 2023
Root Causes 345: Apple Versus European Sideloading
The European Union is applying pressure to Apple to allow application sideloading. We cover why this is occurring, potential dangers, and Apple's response.
-
Podcast Nov 29, 2023
Root Causes 344: Introducing the PQC Onramp
NIST continues the search for PQC algorithms, especially those using non-Lattice schemes. We explain the PQC "onramp" and what we should expect.
-
Blog Post Nov 22, 2023
How can a user be sure software has not been tampered with during the distribution process? We need a verification process Code Signing enhances trust and prevents the spread of malware and are proven to be reliable and sure over decades of widespread use. However, did you know about the recent standards update that added a hardware token requirement? Here's how a token can help you improve security.
-
Podcast Nov 22, 2023
Root Causes 343: The EIDAS 2.0 Controversy
A controversial aspect of the upcoming eIDAS 2.0 standard is that it limits browsers' ability to determine their own trusted roots. We explain.
-
Blog Post Nov 20, 2023
Should you purchase all your digital certificates from one Certificate Authority (CA) or get them from different ones?
Let's explore the pros and cons of using multiple CAs and how a robust, CA-agnostic Certificate Lifecycle Management (CLM) platform allows you to enjoy the benefits that several different CAs provide.
-
Blog Post Nov 17, 2023
Most organizations face increasingly complex IT environments with growing numbers of security credentials. This often hampers IT efficiency and poses increasing risks of intrusion and data breach. Plus, ensuring everything complies with the latest policy and compliance requirements is time-consuming and labor-intensive.
-
Podcast Nov 17, 2023
Root Causes 342: Don't Change Your Password for Two Years
The CA/Browser Forum rules stipulate how often forced password changes for CA employees are to occur. They set a MINIMUM time. Join us to learn why.
-
Webinar Nov 16, 2023
How to build a crypto-agile security organization
Join our webinar to learn what it takes to be truly crypto-agile and the benefits it brings to an organization.
-
Blog Post Nov 13, 2023
Secure Sockets Layer/Transport Layer Security (SSL / TLS) certificates are the gold standard in securing online data exchange. But how can you be sure that the website you share your sensitive information with is indeed who they say they are?
-
Podcast Nov 13, 2023
Root Causes 341: The Trouble with Security Questionnaires
The practice of sending security questionnaires to technology vendors is exploding, and with it dysfunctional behavior is on the rise.
-
Blog Post Nov 10, 2023
Multi-factor Authentication (MFA) is a security principle that requires multiple authentication factors before granting users access to a system. For example, a user may have to submit a username, a password, and a security code texted to their phone before they can connect to a web application.
-
Blog Post Nov 09, 2023
Crypto-agility lets systems adapt cryptographic methods rapidly, ensuring security amid evolving threats. Achieve it with robust management practices.