Are you in need of justification for investment in certificate lifecycle management? Tim Callan and I map the crucial role of CLM to NIST's Cybersecurity Framework 2.0. In glorious video.
Jason Soroko’s Post
-
Now here's a cool exercise. Mapping CLM to CSF 2.0 to outline in detail what gaps exist in your environment due to PKI being unmanaged. We've seen what that means, from SpaceX having to cancel space launches because of an expired cert, to Microsoft services going down, to the Bank of England's payment system crashing. PKI is ubiquitous, immutable and highly complex so it's no wonder certs expire all the time. Newer use cases, in addition to changing industry standards (90-day lifecycles), demand management & automation of Certificates at scale. #CLM is the only way to do this in a cost-effective manner and it's the cheapest insurance you'll ever buy against certificate-related outages. #certificates #PKI #cybersecurity #NIST #CSF
Senior Fellow at Sectigo | Security Technology Innovator Executive Producer and co-host - Root Causes Podcast
Root Causes 427 - Mapping CLM to CSF 2.0
https://www.youtube.com/
-
In the latest episode of CRN In Depth, CRN cybersecurity reporter Kyle Alspach discusses hot topics from this year’s RSA Conference, like generative AI’s role in cybersecurity and why solution providers need to improve long-term planning. Watch on CRNtv 👇 #RSAC #GenAI
CRN In Depth: Solution Provider Lessons From RSAC 2024
crntv.crn.com
-
Session establishment lock-up during replay of CASE Sigma1 messages
An issue in the Certificate Authenticated Session Establishment (CASE) protocol for establishing secure sessions between two devices, as implemented in the Matter protocol versions before Matter 1....
-
DISA STIGs: The Cybersecurity Guardian of the DoD 🛡️ It's fascinating to see how Defense Information Systems Agency STIGs are playing a crucial role in safeguarding the DoD's IT infrastructure. By enforcing strict security standards, they're ensuring that critical systems remain resilient against cyber threats. While achieving STIG compliance can be a complex task, it's a necessary step to maintain the integrity and security of our digital assets. #cybersecurity #DISA #STIG #DoD #informationsecurity #networksecurity
STIG 101: What, How and Why DISA STIGs are a GOOD Thing
https://www.youtube.com/
-
DISA sets the standard high with their STIG program, a model for other organizations to follow. They’ve also recently been made available to the public to benefit more than just DoD. Check it out: https://lnkd.in/e8chfQgC
-
View my verified achievement from AttackIQ: Top ATT&CK Techniques.
Top ATT&CK Techniques was issued by AttackIQ to Tatiane Leal.
credly.com
-
One of my most embarrassing experiences as a #PKI Engineer was having my environment owned by a pen tester. Shortly after the explosive SpecterOps "Certified Pre-Owned Active Directory" white paper was released, a pen tester was able to obtain a client authentication certificate that contained the identity of an Enterprise Admin! The cert went undetected and unrevoked for weeks until we had a rather uncomfortable conference call with Cyber Security and the pen testers. How I wish PKI Spotlight was available back then!
2 key features of PKI Spotlight would have given my team the visibility to react to or prevent this attack:
- Threat Detection: Our one-of-a-kind PKI threat detection engine would have detected and alerted on the vulnerable certificate template
- High Value Certificate Detection: PKI Spotlight can monitor your CA in virtually real-time and alert you when certificates that grant potentially powerful entitlements (such as code signing, wildcard TLS and client authentication for privileged AD users).
If you're concerned about the security posture of your PKI (and you should be!) I highly recommend that you reach out to info@pkisolutions.com to schedule a demo of PKI Spotlight. You won't be sorry! https://lnkd.in/dBP523cs
Detection of High-Value Certificates
https://www.youtube.com/
-
Ever considered using Breach and Attack Simulation to cover your DORA requirements for Digital Operational Resilience Testing? Discover Nemesis’ DORA feature in practice in our newest blogpost!
Think You’re Ready for DORA? Think Again!
persistent-security.net
-
The latest update for #SafeBreach includes "SafeBreach Coverage for AA24-190A
SafeBreach
securitysenses.com
View this in full video: https://youtu.be/hJrP1bLgWFk?feature=shared