Execs concerned about software supply chain security, but not taking action

Venafi announced survey results highlighting the challenges of improving software supply chain security. The survey evaluated the opinions of more than 1,000 IT and development professionals, including 193 executives with responsibility for both security and software development, and revealed a glaring disconnect between executive concern and executive action. While 94% of executives believe there should […]

Continue Reading

Enterprises average one root access orphan key on every enterprise server

SSH machine identities are critical to digital transformation strategies, as they authenticate privileged access between machines and are ubiquitous across enterprise networks. While CIOs say they are concerned about the security risks SSH machine identities pose, survey data indicates they seriously underestimate the scope of these risks. To better understand the scale of this problem, […]

Continue Reading

Thoma Bravo invests in Venafi to deliver machine identity protection to an expanded customer base

Thoma Bravo announced the completion of its strategic growth investment in Venafi. “We are thrilled to partner with Thoma Bravo at a time when companies around the world are realizing that the foundation of security for all digital transformation initiatives is a solid machine identity management program,” said Jeff Hudson, CEO of Venafi. “Thoma Bravo’s […]

Continue Reading

New infosec products of the week: October 9, 2020

Checkmarx provides automated security scans within GitHub repositories Checkmarx announced a new GitHub Action to bring comprehensive, automated static and open source security testing to developers. It integrates the company’s application security testing (AST) solutions – Checkmarx SAST (CxSAST) and Checkmarx SCA (CxSCA) – directly with GitHub code scanning, giving developers more flexibility and power […]

Continue Reading

Reduced lifespan of TLS certificates could cause increase in outages

Beginning September 1st, all publicly trusted TLS certificates must have a lifespan of 398 days or less. According to security experts from Venafi, this latest change is another indication that machine identity lifetimes will continue to shrink. Since many organizations lack the automation capabilities necessary to replace certificates with short lifespans at machine scale and […]

Continue Reading

URL Hijacking Cases uncovered by Venafi

Venafi, a company that offers a range of solutions to help financial services companies secure their cryptographic keys and digital certificates, has uncovered over 100,000 URL hijacks with valid TLS ( Transport Layer Security) certificates targeting major retailers. Venafi conducted an analysis of lookalike domains targeting 20 major retailers, as the festive season is around […]

Continue Reading

Une étude universitaire révèle l’explosion du marché des certificats SSL/TLS sur le Dark Web

Venafi®, fournisseur de la protection des identités machines, a dévoilé les premières conclusions d’une étude universitaire portant sur la disponibilité des certificats SSL/TLS sur le Dark Web ainsi que leur rôle au sein de l’économie du cybercrime. Source: Undernews Une étude universitaire révèle l’explosion du marché des certificats SSL/TLS sur le Dark Web

Continue Reading