5 Challenges Of Managing Digital Certificates In The Kubernetes Environment
Debarati Biswas | | certificate authority, Certificate Management, Cybersecurity, DEVOPS, Kubernetes, microservices environments, TLS certificate
Organizations are embracing new cloud-native container services to deliver applications faster and boost business agility. The adoption of containers and container-orchestration systems like Kubernetes has been fueled by the shift towards modern, microservices-based application development and deployment. Kubernetes (K8s), an open-source platform, orchestrates and automates container operations for managing, scaling, ... Read More
Machine Identity Management Risks And Challenges Facing Your Security Teams
Debarati Biswas | | certificate lifecycle management, Cybersecurity, digital certificates, machine identity management, machine identity management solutions
Managing the sheer volume of machine identities accessing enterprise-critical resources is a herculean task. And, the increasing challenge is being fueled by the fast pace of digital transformation, cloud adoption, and IoT. Besides the upsurge in the number and types of machine identities, growing security threats posed by advanced cybersecurity ... Read More
Online Payment Fraud Is On The Rise. Time To Secure Your Transactions With Digital Identity Management
Debarati Biswas | | application delivery controllers, certificate lifecycle management, Cybersecurity, Digital Identity Management, vulnerability and risk management, zero trust
The evolution of the online payment fraud landscape can be observed as a reaction to changing and more damaging fraud tactics, the impact of the pandemic, and the new advanced payment methods in the digital ecosystem. As reported by Juniper Research, 2022, the massive extent of the cumulative merchant losses ... Read More
3 Ways Hackers Can Exploit Your Encrypted Tunnels
Debarati Biswas | | encryption, IP data packets, SSH Keys, TLS/SSL tunnels, Virtual Private Network (VPN)
It wasn’t that long ago when the ‘crown jewels’ of Equifax, the sensitive data, were up for grabs by the hackers who “masked their incursions by using encrypted communications.” Leveraging encryption to gain access to critical data has become a frequent occurrence in recent times. Bad actors forge cryptographic keys ... Read More
Is Your Microsoft CA Running On Windows 2012 R2 Servers? Be Prepared To Migrate
Debarati Biswas | | cloud-based PKI strategy, DevOps agility, microsoft ca, PKI as a Service, PKI migration plan, Windows 2012 R2 Servers
On October 10, 2023, Microsoft will stop providing support for Windows Server 2012, and 2012 R2. Windows Server 2012, which was released in October 2012, reached its original EOS date on October 9, 2018, more than three years ago. Microsoft will discontinue offering bug fixes and technical support for newly ... Read More
Pitfalls Of On-Premises Private PKI: Here Are 6 Things That Could Go Wrong
Debarati Biswas | | ACME, Certificate Lifecycle Automation, certificate revocation, DEVOPS, private pki
Public key infrastructure (PKI) offers a simple yet efficient way of provisioning, managing, and securing machine identities. With identity and trust at its heart and a powerful combination of authentication and encryption capabilities, PKI helps organizations ensure data privacy, integrity, and security as well as authorize, validate, and authenticate digital ... Read More
11 Ways To Defend The Software Supply Chain From Code Signing Abuse
Debarati Biswas | | Certificate Lifecycle Automation, certificate lifecycle management, code vulnerabilities, expired certificates, Private key protection
Recently, a hacker attempted to install a tool for hacking into a customer’s computer by using a fake code signing certificate impersonating the cybersecurity firm Emsisoft. The attacker attempted to spoof or create a fake certificate, using a similar name to Emsisoft, aiming to appear as a legitimate publisher and ... Read More
Certificate-Based Authentication Best Practices For Hardening Enterprise Security
Debarati Biswas | | digital certificates, passwordless-authentication, PKI-based authentication, public-key infrastructure
The multinational company, known to provide identity protection and cybersecurity services, Norton LifeLock notified customers in mid-January that over 6,000 of their customer accounts had been compromised as a result of a “stuffing” attack. Stuffing attacks occur when previously compromised passwords are used to gain access to accounts on various ... Read More