Enviar pesquisa
Carregar
New Window of Opportunity
•
Transferir como PPTX, PDF
•
1 gostou
•
358 visualizações
CASCouncil
Seguir
NIST 2013- Certificate Transparency- A Certification Authority's Perspective
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 11
Baixar agora
Recomendados
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
Skoda Minotti
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
Software-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and Right
SBWebinars
Managed firewall service.
Managed firewall service.
Mindtree Ltd.
Simplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS Environment
Engine Yard
INTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONS
Ivanti
Guardicore - Shrink Your Attack Surface with Micro-Segmentation
Guardicore - Shrink Your Attack Surface with Micro-Segmentation
CSNP
Managed Service Brochure
Managed Service Brochure
Len Moncrieffe
Recomendados
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
Skoda Minotti
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
Software-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and Right
SBWebinars
Managed firewall service.
Managed firewall service.
Mindtree Ltd.
Simplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS Environment
Engine Yard
INTRODUCTION TO IVANTI NEURONS
INTRODUCTION TO IVANTI NEURONS
Ivanti
Guardicore - Shrink Your Attack Surface with Micro-Segmentation
Guardicore - Shrink Your Attack Surface with Micro-Segmentation
CSNP
Managed Service Brochure
Managed Service Brochure
Len Moncrieffe
DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)
Michael Scovetta
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
Nandita Nityanandam
IT Service & Asset Management Better Together
IT Service & Asset Management Better Together
Ivanti
Ivanti remote worker ds
Ivanti remote worker ds
Ivanti
Secure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLP
Fidelis Cybersecurity
David Klein - Defending Against Nation Sate Attackers & Ransomware
David Klein - Defending Against Nation Sate Attackers & Ransomware
CSNP
The Future of Technology Operations
The Future of Technology Operations
Ivanti
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
centralohioissa
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
ControlCase
A Primer on iOS Management and What's Changing
A Primer on iOS Management and What's Changing
Ivanti
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
NetworkCollaborators
On Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data Protection
Tripwire
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
centralohioissa
Fidelis Endpoint® - Live Demonstration
Fidelis Endpoint® - Live Demonstration
Fidelis Cybersecurity
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Onward Security
Best Practices for Cloud Security
Best Practices for Cloud Security
IT@Intel
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
CloudPassage
From Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Cisco Security
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Cisco Security
Decision criteria and analysis for hardware-based encryption
Decision criteria and analysis for hardware-based encryption
Thales e-Security
141118 Thales contributions and benefits
141118 Thales contributions and benefits
SINTAS
Mais conteúdo relacionado
Mais procurados
DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)
Michael Scovetta
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
Nandita Nityanandam
IT Service & Asset Management Better Together
IT Service & Asset Management Better Together
Ivanti
Ivanti remote worker ds
Ivanti remote worker ds
Ivanti
Secure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLP
Fidelis Cybersecurity
David Klein - Defending Against Nation Sate Attackers & Ransomware
David Klein - Defending Against Nation Sate Attackers & Ransomware
CSNP
The Future of Technology Operations
The Future of Technology Operations
Ivanti
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
centralohioissa
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
ControlCase
A Primer on iOS Management and What's Changing
A Primer on iOS Management and What's Changing
Ivanti
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
NetworkCollaborators
On Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data Protection
Tripwire
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
centralohioissa
Fidelis Endpoint® - Live Demonstration
Fidelis Endpoint® - Live Demonstration
Fidelis Cybersecurity
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Onward Security
Best Practices for Cloud Security
Best Practices for Cloud Security
IT@Intel
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
CloudPassage
From Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Cisco Security
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Cisco Security
Mais procurados
(20)
DARPA: Cyber Analytical Framework (Kaufman)
DARPA: Cyber Analytical Framework (Kaufman)
Vulnerability Testing Services Case Study
Vulnerability Testing Services Case Study
IT Service & Asset Management Better Together
IT Service & Asset Management Better Together
Ivanti remote worker ds
Ivanti remote worker ds
Secure Your Data with Fidelis Network® for DLP
Secure Your Data with Fidelis Network® for DLP
David Klein - Defending Against Nation Sate Attackers & Ransomware
David Klein - Defending Against Nation Sate Attackers & Ransomware
The Future of Technology Operations
The Future of Technology Operations
Sam Herath - Six Critical Criteria for Cloud Workload Security
Sam Herath - Six Critical Criteria for Cloud Workload Security
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
A Primer on iOS Management and What's Changing
A Primer on iOS Management and What's Changing
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
Cisco Connect 2018 Malaysia - introducing cisco dna assurance-the future of n...
On Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data Protection
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Fidelis Endpoint® - Live Demonstration
Fidelis Endpoint® - Live Demonstration
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Best Practices for Cloud Security
Best Practices for Cloud Security
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
From Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Destaque
Decision criteria and analysis for hardware-based encryption
Decision criteria and analysis for hardware-based encryption
Thales e-Security
141118 Thales contributions and benefits
141118 Thales contributions and benefits
SINTAS
Protecting application delivery without network security blind spots
Protecting application delivery without network security blind spots
Thales e-Security
Thales e-Security corporate presentation
Thales e-Security corporate presentation
Thales e-Security
SaaS Marketing Plan: 5 Ways to Get your B2B App to Sell Itself
SaaS Marketing Plan: 5 Ways to Get your B2B App to Sell Itself
Lincoln Murphy
Go to-market strategy for B2B SaaS companies
Go to-market strategy for B2B SaaS companies
Guillaume Lerouge
Destaque
(6)
Decision criteria and analysis for hardware-based encryption
Decision criteria and analysis for hardware-based encryption
141118 Thales contributions and benefits
141118 Thales contributions and benefits
Protecting application delivery without network security blind spots
Protecting application delivery without network security blind spots
Thales e-Security corporate presentation
Thales e-Security corporate presentation
SaaS Marketing Plan: 5 Ways to Get your B2B App to Sell Itself
SaaS Marketing Plan: 5 Ways to Get your B2B App to Sell Itself
Go to-market strategy for B2B SaaS companies
Go to-market strategy for B2B SaaS companies
Semelhante a New Window of Opportunity
Myths of validation
Myths of validation
Jeff Thomas
110307 cloud security requirements gourley
110307 cloud security requirements gourley
GovCloud Network
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Systems, Inc.
Monitoring in the DevOps Era
Monitoring in the DevOps Era
Mike Kavis
security and compliance in the cloud
security and compliance in the cloud
Ajay Rathi
Open Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation Security
agoldsmith1
Improving Quality through Continuous Integration - A case study of CollabNet
Improving Quality through Continuous Integration - A case study of CollabNet
Venkat Janardhanam, MS, MBA
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
Cristian Garcia G.
Transforming cloud security into an advantage
Transforming cloud security into an advantage
Moshe Ferber
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
RightScale
Should healthcare abandon the cloud final
Should healthcare abandon the cloud final
sapenov
CAs And The New Paradigm Shift
CAs And The New Paradigm Shift
CASCouncil
Logicalis BYOD Briefing
Logicalis BYOD Briefing
Logicalis Australia
CSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
Graeme Wood
Introduction to CSA Australia 2013 by David Ross
Introduction to CSA Australia 2013 by David Ross
CloudSecurityAllianceAustralia
Compliance in Public Cloud & CSA Framework
Compliance in Public Cloud & CSA Framework
CloudSecurityAllianceAustralia
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
Techcello
Cloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate On
Samuel Reed
The Tools and Machinery behind the curtain
The Tools and Machinery behind the curtain
Jan Van Bruaene
Security architecture best practices for saas applications
Security architecture best practices for saas applications
kanimozhin
Semelhante a New Window of Opportunity
(20)
Myths of validation
Myths of validation
110307 cloud security requirements gourley
110307 cloud security requirements gourley
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Monitoring in the DevOps Era
Monitoring in the DevOps Era
security and compliance in the cloud
security and compliance in the cloud
Open Architecture: The Key to Aviation Security
Open Architecture: The Key to Aviation Security
Improving Quality through Continuous Integration - A case study of CollabNet
Improving Quality through Continuous Integration - A case study of CollabNet
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
Transforming cloud security into an advantage
Transforming cloud security into an advantage
Rightscale Webinar: PCI in Public Cloud
Rightscale Webinar: PCI in Public Cloud
Should healthcare abandon the cloud final
Should healthcare abandon the cloud final
CAs And The New Paradigm Shift
CAs And The New Paradigm Shift
Logicalis BYOD Briefing
Logicalis BYOD Briefing
CSA Introduction 2013 David Ross
CSA Introduction 2013 David Ross
Introduction to CSA Australia 2013 by David Ross
Introduction to CSA Australia 2013 by David Ross
Compliance in Public Cloud & CSA Framework
Compliance in Public Cloud & CSA Framework
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
Cloud Security Zen: Principles to Meditate On
Cloud Security Zen: Principles to Meditate On
The Tools and Machinery behind the curtain
The Tools and Machinery behind the curtain
Security architecture best practices for saas applications
Security architecture best practices for saas applications
Mais de CASCouncil
100 Percent Encrypted Web New Challenges For TLS RSA Conference 2017
100 Percent Encrypted Web New Challenges For TLS RSA Conference 2017
CASCouncil
Six Reasons http Will Become a Thing of the Past
Six Reasons http Will Become a Thing of the Past
CASCouncil
What Kind of SSL/TLS Certificate Do I Need?
What Kind of SSL/TLS Certificate Do I Need?
CASCouncil
Payments Security – Vital Information all Payment Processors need to know
Payments Security – Vital Information all Payment Processors need to know
CASCouncil
TLS Certificates on the Web – The Good, The Bad and The Ugly
TLS Certificates on the Web – The Good, The Bad and The Ugly
CASCouncil
2016 IRS Free e-File Audit & Honor Roll
2016 IRS Free e-File Audit & Honor Roll
CASCouncil
Symantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the Web
CASCouncil
CA/Browser Forum—To effect positive changes to improve internet security
CA/Browser Forum—To effect positive changes to improve internet security
CASCouncil
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser Forum
CASCouncil
Extended Validation Builds Trust
Extended Validation Builds Trust
CASCouncil
CA Day 2014
CA Day 2014
CASCouncil
Heartbleed Bug Vulnerability: Discovery, Impact and Solution
Heartbleed Bug Vulnerability: Discovery, Impact and Solution
CASCouncil
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
CASCouncil
Alternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure Web
CASCouncil
Addressing non-FQDNs and new gTLDs in SSL Baseline Requirements
Addressing non-FQDNs and new gTLDs in SSL Baseline Requirements
CASCouncil
State of the Web
State of the Web
CASCouncil
Trust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory Processes
CASCouncil
Certificates, Revocation and the new gTLD's Oh My!
Certificates, Revocation and the new gTLD's Oh My!
CASCouncil
CA Self Regulation
CA Self Regulation
CASCouncil
Nation-State Attacks On PKI
Nation-State Attacks On PKI
CASCouncil
Mais de CASCouncil
(20)
100 Percent Encrypted Web New Challenges For TLS RSA Conference 2017
100 Percent Encrypted Web New Challenges For TLS RSA Conference 2017
Six Reasons http Will Become a Thing of the Past
Six Reasons http Will Become a Thing of the Past
What Kind of SSL/TLS Certificate Do I Need?
What Kind of SSL/TLS Certificate Do I Need?
Payments Security – Vital Information all Payment Processors need to know
Payments Security – Vital Information all Payment Processors need to know
TLS Certificates on the Web – The Good, The Bad and The Ugly
TLS Certificates on the Web – The Good, The Bad and The Ugly
2016 IRS Free e-File Audit & Honor Roll
2016 IRS Free e-File Audit & Honor Roll
Symantec’s View of the Current State of ECDSA on the Web
Symantec’s View of the Current State of ECDSA on the Web
CA/Browser Forum—To effect positive changes to improve internet security
CA/Browser Forum—To effect positive changes to improve internet security
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser Forum
Extended Validation Builds Trust
Extended Validation Builds Trust
CA Day 2014
CA Day 2014
Heartbleed Bug Vulnerability: Discovery, Impact and Solution
Heartbleed Bug Vulnerability: Discovery, Impact and Solution
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
Alternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure Web
Addressing non-FQDNs and new gTLDs in SSL Baseline Requirements
Addressing non-FQDNs and new gTLDs in SSL Baseline Requirements
State of the Web
State of the Web
Trust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory Processes
Certificates, Revocation and the new gTLD's Oh My!
Certificates, Revocation and the new gTLD's Oh My!
CA Self Regulation
CA Self Regulation
Nation-State Attacks On PKI
Nation-State Attacks On PKI
Último
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
apidays
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Deepika Singh
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
apidays
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
rafiqahmad00786416
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
Último
(20)
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
New Window of Opportunity
1.
New Window of
Opportunity: Certificate Transparency - A Certification Authority’s Perspective Ben Wilson, SVP DigiCert Ben_at_digicert_dot_com www.digicert.com +1 (801) 877-2100
2.
Introduction
• Goals of Certificate Transparency: – Provide insight into issued SSL certificates – Provide better remediation services – Ensure CAs are aware of what they issue • DigiCert supports the concept of transparent certificate practices and certificate logging: – Voiced our support of transparency early on – Already accessing Google’s log server • Some outstanding areas require discussion prior to advocating industry-wide implementation ©DigiCert, Inc. 2013. All Rights Reserved April 2013
3.
Issuance Flow ©DigiCert, Inc.
2013. All Rights Reserved April 2013
4.
Transparency
• Benefits – Fast detection = better mitigation – Greater visibility = better accountability for domain owners – Visible trust in operations = increased trust for CAs – Greater opportunity for discussion on certificates = improvement in Internet security • Security – Enables detection of problem and mis-issued certificates – Necessary for adequate remediation ©DigiCert, Inc. 2013. All Rights Reserved April 2013
5.
Public Logging
• Public logging was discussed previously in CA /B Forum – Action by a browser was needed to make it happen • Public log shines a light on CAs • Public log provides mitigation – All of the incidents could have been more quickly detected and remediated with CT • Public log helps researchers • Public log is detection in security – Baseline requirements is prevention – Revocation is remediation ©DigiCert, Inc. 2013. All Rights Reserved April 2013
6.
Security Improvement
• Raises awareness of practices – Allows broader observation of a CA’s practices – Allows domain owners to identify illegitimate use of domain names (Early Warning System) • Exposes weak points/players in ecosystem – Enables research to identify improvement areas • Enables trust decisions for domain owners – Self-regulating mechanism for the market ©DigiCert, Inc. 2013. All Rights Reserved April 2013
7.
Other Benefits
• Backward compatible • Driving towards implementation • Expands the existing system – SSL has a proven track record – Lots of institutional knowledge – Increasingly stringent standards • Avoids “unintended consequences” of new technology • Deployed by CAs and Browsers – Web site operator participation is not required ©DigiCert, Inc. 2013. All Rights Reserved April 2013
8.
Implementation
• Obtained REST JSON API from Google (URL reference) • Identified log servers – No new infrastructure • Updated our issuance code to communicate with log server • Created code to verify signed proof on response before embedding into certificate • Modified our certificate profile ©DigiCert, Inc. 2013. All Rights Reserved April 2013
9.
Remaining Questions from
CAs • Number of Proofs – Each proof increases certificate size – Increased certificate size hampers performance • Privacy, competitive business considerations • Level playing field requirement for all CAs • Exemptions for internal certificates • Log accessibility and resiliency of deployment ©DigiCert, Inc. 2013. All Rights Reserved April 2013
10.
Log Server Considerations
Model implementation provided by Google – Uses SQL light for log tree storage – Which CAs can add to a log? – What will be considered a trusted log? Security policy for trusted log operation is needed – Identify desired uptime and performance objectives – Scope broad enough to include entire system (e.g. mitigating disruption due to log compromises) – Perform risk assessment and adopt controls – Policy adoption process needs to be quick / efficient ©DigiCert, Inc. 2013. All Rights Reserved April 2013
11.
Conclusion
DigiCert supports Certificate Transparency because it – Addresses vulnerabilities in the current trust model – Creates transparency and accountability that will lead to prevention and early detection of mis-issuances – Is based on existing technologies that are easily supported with industry coordination – Enhances existing self-regulating mechanisms by leveraging an existing, refined and time-tested CA trust- anchor system while avoiding the “unintended consequences” of new technology in unfamiliar space ©DigiCert, Inc. 2013. All Rights Reserved April 2013
Baixar agora