Certificate based authentication News
March 18, 2016
Roundup: Google pushes efforts on HTTPS, Certificate Transparency and more to safeguard the Web with encryption, while other tech firms are eyeing more, stronger encryption.
December 23, 2015
Increasing desire to be rid of SHA-1-signed certificates causes Google to join Microsoft, Mozilla in a likely acceleration of Chrome SHA-1 deprecation by six months.
December 14, 2015
Symantec announced it will retire one of its root certificates because it was based on older security, and Google made sure users knew the risks.
November 24, 2015
Dell issued a fix for a root certificate similar to Superfish that could potentially allow attackers to intercept encrypted private data on its PCs.
Certificate based authentication Get Started
Bring yourself up to speed with our introductory content
The upcoming release of Windows Server 2016 adds a secure boot option for Linux VMs. Continue Reading
It's tough to tell what the best IoT certifications are since the field is new and expanding. Expert Mike O. Villegas shares the best IoT security certificates available today. Continue Reading
Now that vSphere 6 Update 1 has been out for some time, here are all of the new features and improvements it brings to vCenter. Continue Reading
Evaluate Certificate based authentication Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Any website that collects or transmits sensitive information must be protected by Secure Socket Layer encryption. SSL and its successor, Transport Security Layer (TLS), are security protocols used to create an encrypted link between a server and a client on the Internet, typically between a Web server and a Web browser. Failing to employ SSL/TLS can result in lawsuits and possible penalties should visitor data be compromised. Likewise, reputation damage can greatly impact future business.
This Buyer's Guide explains SSL and TLS technology in general and the types of SSL certificates available today. It also reviews features to consider and offers insights on how to determine the best SSL for a particular enterprise.
Infosec pros and others who study this guide will come away with a more thorough understanding of SSL/TLS and be able to better identify what their company needs when in the market for SSL.Continue Reading
To choose the best SSL for your enterprise, you need to stay up to date on SSL/TLS encryption developments. Learn why SSL/TLS remains a vital technology and how to determine the approach that will work best for your company. Continue Reading
Is the Dell eDellRoot security threat a serious problem and, if so, can it be prevented with self-signed root certificate authorities? Expert Michael Cobb explains the potential threats. Continue Reading
Manage Certificate based authentication
Learn to apply best practices and optimize your operations.
MiTM attacks are including wireless networks among their targets, targeting vulnerabilities in applications, browsers, mobile, IoT and the cloud. Continue Reading
Flaws in the AFNetworking code library threaten iOS app security. Expert Michael Cobb explains how to prevent falling victim to the flaws. Continue Reading
SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service. Continue Reading
Problem Solve Certificate based authentication Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Secure your email with EOP tools like DKIM and DMARC that verify incoming messages aren't spam or spoofs. Avoid unauthorized email with digital signatures and authenticated domains. Continue Reading
Malicious software using legitimate digital certificates is reportedly on the rise. Expert Nick Lewis explains how to mitigate the risks of digitally signed malware. Continue Reading
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols have long been the cornerstone of Web application security, and the whole process finds its root (quite literally) in a system of signed certificates. The trouble is this security system has turned into a vulnerability. Too often an enterprise possesses a hodgepodge of signed certificates from various Certificate Authorities (CAs) that are thrown into the directories of protected services, and then often forgotten until they expire. Worse yet, recently hackers have managed to create fake certificates. CAs -- once a seemingly effective answer to ensuring Web security -- are now providing an attack surface for hackers to take advantage of.
This technical guide surveys the CA landscape, opening with a field report on the latest CA security issue, the problem of fake certificates. To help explain the nature of this threat, our second chapter delves into the certificate system, current problems with it, and what enterprise IT staff can do. This guide’s closing chapter examines industry efforts to cope with the threat: TLS 1.3. Through this guide, IT professionals, and especially those concerned with network security, will learn the latest about TLS/SSL security. Continue Reading