-
Podcast May 11, 2022
Root Causes 222: Consolidation and PKI Solutions
Vendor consolidation is an important topic in IT security. In this episode we discuss this trend and how it affects PKI and digital certificates.
-
Blog Post May 09, 2022
In a world where many different users, mobile devices, and automated processes need to access networked resources, passwords are no longer an effective method to authenticate every single identity in an organization. Sophisticated attacks like phishing, keyloggers, and brute force cracking are highly capable of stealing passwords. Overall, this creates a very real scenario where passwords have become an outdated form of authentication with weak security, bad user experience, and added helpdesk burden all rolled into one.
-
Podcast May 05, 2022
Root Causes 221: What Are SSH Keys?
SSH (Secure Shell) keys are ubiquitous for authenticated access to Linux systems. We explain what these keys are and how they're used.
-
Podcast May 02, 2022
Root Causes 220: The Difference Between OTP and Passwordless
In this episode we clarify the difference between OTP services and passwordless authentication.
-
Podcast Apr 27, 2022
Root Causes 219: New Quantum Cryptography Legislation Introduced
Proposed legislation in the House of Representatives mandates that federal agencies begin preparation for new quantum resistant cryptographic algorithms.
-
Webinar Apr 21, 2022
Certificate Lifecycle Management for SSH Certificates Webinar
Learn how certificate lifecycle management for SSH offers organizations cost-savings and fine-grained controls over IT server administration.
-
Podcast Apr 20, 2022
Root Causes 218: PKI Nomenclature Oddities
Every technology space has its jargon. We go over interesting, ambiguous, or amusing terms that are specific to the PKI and digital certificates industry.
-
Podcast Apr 14, 2022
Root Causes 217: What's the Deal with the Recent Okta Security Breach?
A hacking group recently announced a breach of Okta systems, potentially compromising Okta customers. We walk through the attack and its significance.
-
Podcast Apr 11, 2022
Root Causes 216: What Is crt.sh?
A foundational tool for monitoring public SSL certificates is crt.sh. We explain what crt.sh does and why it is so popular with SSL industry watchers.
-
Podcast Apr 08, 2022
Root Causes 215: Passwordless Authentication and Legacy Systems
Those using passwordless authentication frequently employ legacy systems that cannot support this scheme. We detail steps to mitigate this problem.
-
Podcast Apr 05, 2022
Root Causes 214: New DUO MFA Flaw Explained
A recent FBI warning cautions organizations about exploits based on misconfigured DUO MFA. We explain this exploit and why it is noteworthy.
-
Podcast Mar 31, 2022
Root Causes 213: 600-domain Phishing Attack
A recent phishing campaign encompassed 600 unique domains. We discuss the implications of a campaign of this scale and high level of organization.