Clik here to view.
Meet Us at Black Hat 2015: Blue Coat and Venafi Security Experts Discuss How...
It’s going to be an exciting week at Black Hat USA 2015 and we are certainly looking forward to it! Venafi is teaming up with Blue Coat to conduct a technical briefing at Black Hat on how to eliminate...
View ArticleContemplating Health Analogies in Cyber Security & Why We Need The Immune...
Over the past 30 years, we’ve seen many health analogies used across the entire cyber security industry. If you think about it, it does make a lot of sense: just as viruses make humans sick, they too...
View ArticleClik here to view.
IT Security: ♫ It’s all About the Basics, ‘Bout the Basics, No Trouble ♫
Okay—stop laughing, everyone (and I mean everyone) knows I am no singer, but IT Security professionals really need to ensure they have the basics in place and I liked the attention this title brought...
View ArticleClik here to view.
Encrypt Like Everyone is Watching—Decrypt Like No One Is
I just attended Black Hat 2015, and what a great conference it was. I learned that “hackers,” including white hats, grey hats, and black hats, are really interesting people. At Black Hat, I saw...
View ArticleClik here to view.
How Are We Still Talking About Broken Trust?
We live in the age of technology. It is a fast-paced, break-neck ride to deliver great solutions—everything from the largest, complex integrated solution to the single, simple iPhone app. With online...
View ArticleSuperfish: One Step Closer to Sinking our Boat
Original article published at Infosecurity Magazine on August 25, 2015: http://www.infosecurity-magazine.com/opinions/superfish-one-step-closer/ Earlier this year Lenovo got caught installing Superfish...
View ArticleClik here to view.
Research: Clueless Enterprises Miss Certificate Breaches
This article was originally posted by IDG Connect on August 5, 2015 at: http://www.idgconnect.com/abstract/10251/research-clueless-enterprises-miss-certificate-breaches Attacks on digital keys and...
View ArticleClik here to view.
For the 2nd Year Running, PCI SSC Announces Securing Keys and Certificates a...
There has been a dramatic increase in attacks that leverage keys and certificates, and the recent breadth and criticality of vulnerabilities, from Heartbleed to POODLE, underscore the importance of...
View ArticleClik here to view.
The Wild West of Encryption: A Holdup for Keys and Certificates
During my time at PGP which was run by some of the most passionate security trailblazer’s of their time, part of the fight was trying to teach the world that they should encrypt their data. Time and...
View ArticleClik here to view.
Still Using SHA-1? It’s Time to Switch!
Why all of the fuss? SHA-1 was deprecated by NIST from 2011 through 2013 because of its security strength being susceptible to a collision attack. Due to ever increasing computational power, the risk...
View ArticleClik here to view.
Untrusted Certificates—Survey Shows IT Security Pros Know the Risks but Do...
Today, Venafi released a report based on survey findings and analysis, IT Security Professionals Know the Risk of Untrusted Certificates and Issuers, but Do Nothing. The survey was conducted at 2015...
View ArticleClik here to view.
Biometrics Stolen During OPM Breach—Your Fingerprints May No Longer Be Your Own
During what is believed to be the biggest breach in U.S. history, it was reported that along with all of the other sensitive data, over 5.6 million fingerprints were also exposed to the hackers. While...
View ArticleClik here to view.
Venafi Supports Google Certificate Transparency with CA-Agnostic Log and...
Venafi is proud to announce the availability of the Venafi CT log and CT monitor. Key Takeaways Google Certificate Transparency provides safer internet browsing by allowing anyone to scrutinize the...
View ArticleKey and Certificate Security Delivered at the Speed of Business
Stop keys and certificates from slowing innovation. The speed of cloud computing, the demands of internal IT services SLAs, and the explosion of IoT devices must be supported with automated key and...
View ArticleClik here to view.
Take the Guesswork and Complexity Out of Your PKI Update
If your public key infrastructure (PKI) is like that of most companies today, it’s probably outdated. That can be a serious problem. Outdated PKI systems result in errors, missed updates, costly...
View ArticleClik here to view.
Don’t Trust Blindly—Get 20/20 Vision on Your Certificates
Before your view becomes 20/20 from hindsight and you are too little too late, adopt an approach that gives 100% insight. Virtually all enterprises are unaware of how many certificates they have in...
View ArticleClik here to view.
Businesses Are Losing Customers from the Misuse of Keys and Certificates
2015 survey results reveal that unprotected and poorly managed keys and certificates result in a loss of customers, costly outages, failed audits, and security breaches. Key Takeaways Most businesses...
View ArticleClik here to view.
Infographic: New Ponemon Research Reveals Businesses Are Losing Customers Due...
A new report, 2015 Cost of Failed Trust Report: When Trust Online Breaks, Businesses Lose Customers, was released today by the Ponemon Institute and Venafi, and reveals the damaging impacts on global...
View ArticleClik here to view.
Why the Security Workforce Needs Qualified Women….AND Men
Over the past 30 years of being in information technology and security, it has always been obvious that there is a huge need for diversity in this field. It’s a common topic that comes up often,...
View ArticleClik here to view.
Securing Online Gaming with the Immune System for the Internet
The Cyber Spotlight: Securing Online Gaming 2015 event is happening on October 6th in London, UK. It is a one day event focusing on threats and solutions pertaining specifically to online gaming....
View ArticleClik here to view.
Here’s How to Secure the Internet’s Shaky Foundation
The foundation of the internet, DNS and PKI-SSL, is now threatened by attacks using SSL/TLS keys and certificates. We need an Immune System for the Internet to identify and neutralize key and...
View ArticleClik here to view.
Infographic: New SANS 20 Requirements for SSL/TLS Security and Management
The SANS Institute, realizing the critical nature of security risks to SSL/TLS, has added several requirements related to SSL/TLS management to Critical Security Control 17: Data Protection. From...
View ArticleClik here to view.
The Internet of Things: It’s All About Trust
The original article was published at Dark Reading on October 16, 2015. As billions of devices come online, it will be critical to protect the keys and certificates we use for authentication,...
View ArticleClik here to view.
It’s Time to See Mobility in a New Light
While more and more employees are using their own phones, tablets, and other mobile devices for work, these practices often keep enterprises in the dark about mobile device access to enterprise data...
View ArticleClik here to view.
There is Security Kryptonite on Your Sticky Note
I've had the pleasure of working with a lot of security professionals in my time with security software and there is a reoccurring trend: People have an inherent craving for simplicity and often give...
View ArticleClik here to view.
The New NIST Paper on SSH Needs to Be at the Top of Your Reading List
Virtually every enterprise uses Secure Shell (SSH) as the administrative protocol for secure, remote access to nearly all mission-critical systems. If it’s not Windows or a mainframe, then SSH is used...
View ArticleClik here to view.
LIVE SANS Webinar—Securing SSH Itself with the Critical Security Controls
SANS Institute and Venafi are cohosting a live webinar this Wednesday on the Secure Shell (SSH) network protocol, its vulnerabilities, and how organizations can address these vulnerabilities using SANS...
View Article2015 Retrospective Part 1: 6 Out of 8 Venafi 2015 Cybersecurity Predictions...
It’s that time of the year again: security “predictions” season. But before sharing our 2016 predictions (coming soon), we first want to look back at how we did with our 2015 predictions. What’s our...
View ArticleClik here to view.
Top 6 Venafi 2016 Cybersecurity Predictions: More Encryption Equates to More...
What are the Venafi cybersecurity predictions for 2016? First we must take a quick look at where 2015 has brought us—there were increases in both the use of encryption and in attacks on cryptographic...
View ArticleClik here to view.
New Data Confirms Venafi Analysis that Secretary Clinton’s Email Server Did...
Newly released emails corroborate the forensic analysis conducted by Venafi TrustNet certificate reputation service which concluded that Secretary of State Hillary Clinton did not use encryption on her...
View ArticleClik here to view.
2015 Retrospective Part 2: Venafi Was Painfully Accurate When We Predicted...
We correctly called 6 of the 8 predictions we made for 2015, which isn't bad. But we were absolutely 100% accurate on our overall prediction that attacks impacting the foundation of online...
View ArticleClik here to view.
Venafi Analysis of Snowden NSA Breach Confirmed – 2 Years Later
It's been more than two years since Venafi publicly announced our analysis that Edward Snowden used the NSA's own cryptographic keys and digital certificates to steal the agency's classified data. The...
View ArticleClik here to view.
Internet of Things: The Dangers of Blindly Trusting Keys and Certificates
Originally published as Rise of the Robots: How our love affair with automation could spell the end in Computer Business Review on January 13, 2016. There's an old adage which began its life back in...
View ArticleClik here to view.
Ted Koppel Predicts “Lights Out” in U.S. While Ukraine Power Grid Goes Down
On December 23, 2015, the power grid in the Ukraine was hit with a cyberattack. The outage left a large region of Ivano-Frankivsk without power as a substation went down. They were able to get back...
View ArticleClik here to view.
Unplanned Outages Are Painful: The Unsexy Security Story that Everyone Should...
Say it with me—UNPLANNED OUTAGES ARE PAINFUL! Of course, we all know this. The question is, do we all know why they happen and how to prevent them? Most likely not. Outages, also referred to as...
View ArticleClik here to view.
Using Certificates to Secure the Rising Tide of Mobile Apps
Those who have been in the IT industry for 20 years or more will have witnessed enough changes to fill the sea twice over. Each change is necessary, but some are more interesting than others. For...
View ArticleClik here to view.
Venafi at RSA Conference 2016: Bringing You the Best in Internet Security
We are ready to see you at RSA Conference 2016 in San Francisco. We’re bringing in the team from around the US, including our CIO/CISO Tammy Moskites, so we’re ready to talk and help you understand how...
View ArticleClik here to view.
Internet Hijacked: If Hacked by Government Access Using Apple Code-signing...
The FBI wants Apple to break our system of trust A California magistrate has ordered Apple to help the FBI gain access to an iPhone that was used by one of the terrorists in the 2015 San Bernardino...
View ArticleClik here to view.
Venafi at RSA 2016: Breaking Closed Systems with Code-Signing
There is an abundance of use cases in which code signing using certificates has become more critical to prove to end users that they can trust the source and the integrity of the installed code. From...
View ArticleClik here to view.
CIOs Wasting Millions on Cybersecurity that Doesn’t Work: Keys and...
Top CIOs acknowledge they are wasting millions (take your pick – BSPs, EURs, or USDs) on layered security defences because these technologies blindly trust keys and certificates, according to research...
View ArticleClik here to view.
Infographic: Crumbling Cybersecurity—CIOs Are Wasting Millions
CIOs admit to wasting millions on inadequate security controls. Why? There is a fundamental flaw in their cybersecurity strategy that is letting cybercriminals bypass their defenses in over half of...
View ArticleClik here to view.
RSA 2016: Threats to Cybersecurity Are Making Headlines
RSA 2106 did indeed shape up to be an interesting event. With a hospital in Los Angeles being held hostage by hackers with ransomware and Apple defending its operating system against the federal...
View ArticleClik here to view.
RSA 2016: How Your Security Foundation Crumbles If Your Keys and Certificates...
Cybercriminals are targeting your organization with attacks that misuse keys and certificates to infiltrate your network. And you can’t detect them because they are hiding in encrypted traffic. In...
View ArticleClik here to view.
How to Remediate: DROWN Attack – OpenSSL HTTPS Websites are at Risk – Are You?
A new OpenSSL vulnerability, DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) was announced earlier this week and it’s affecting servers using SSLv2. This is truly a huge business risk due...
View ArticleClik here to view.
Making Fast IT Secure with Key and Certificate Automation
This is the first of two technical blogs that discuss FAST IT and its impact on security. We understand that the development landscape is changing rapidly and we are here to help you to keep pace with...
View ArticleClik here to view.
What Apple vs. FBI Means for the Global 5000
The Bottom Line: Global 5000 organizations must know where all keys and certificates are used, who is responsible for them, and how to continuously protect them. In February 2016, a U.S. court ordered...
View ArticleThe U.S. Federal Government’s Biggest Cybersecurity Challenge
The biggest challenge facing cybersecurity professionals in Federal agencies is, well, the Federal government. There are sweeping mandates to keep agencies secure. But the funding to back that guidance...
View ArticleOne Year After Office of Personnel Management (OPM) Breach, Federal Agencies...
This week is the 1-year anniversary of when the government revealed in June 2015 that the Chinese had attacked the U.S. Office of Personnel Management (OPM). Attackers stole over 20 million records of...
View ArticleClik here to view.
Three Steps that Stop the Speed of DevOps from Introducing Security Risk
The digital world is changing the way businesses work with their customers, partners, and employees. This digital transformation leverages DevOps speed, agility, and innovation to capitalize on market...
View ArticleClik here to view.
Infographic on Fast IT: Securing DevOps at the Speed of Business
Earlier this year, Gartner research showed that 60% of organizations are using DevOps or will soon. Businesses are adopting bimodal IT—relying both on traditional (slow) IT as well as “Fast IT.” Fast...
View Article