Roman Cinkais’ Post

🔍 How Often Should You Conduct a PKI Maturity Assessment? Conducting regular PKI maturity assessments is crucial to ensure your Public Key Infrastructure (PKI) remains robust and secure. The frequency of these assessments depends on several factors: 📈 Organizational Change: Rapid changes may necessitate more frequent assessments. 🛡️ PKI Criticality: More critical systems require closer monitoring. 🧩 Infrastructure Complexity: Complex PKI setups benefit from regular reviews. 📅 Resource Availability: Balance your assessments with available resources. 💡 Best Practice: Conduct assessments annually or biennially to track progress, enhance maturity, and pinpoint areas for improvement. Stay ahead of potential risks and optimize your PKI with regular assessments! Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance PKI Consortium

💡 Should You Assess All Modules and Categories in PKI MM? When determining the scope of your PKI MM assessment, focus on your organization's specific requirements, objectives, and context. While it isn't necessary to evaluate every module and category, it's beneficial to assess the areas most relevant to your PKI and those with the greatest impact on its maturity. For detailed guidance on selecting the appropriate modules and categories, refer to the assessment process. Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance PKI Consortium

💡 Looking to discuss the PKI Maturity Model (PKI MM)? Join the PKI Maturity Model Community Discussion, the go-to place for PKI professionals to connect, share insights, and deepen their understanding of PKI MM. Whether you have questions, need advice, or want to contribute your expertise, this community is a valuable resource for collaborative learning and growth. For those eager to play a more active role in the PKI MM initiative, consider joining the PKI Consortium. By participating in working groups and activities, you can directly influence and advance the future of PKI MM. Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance

💡 Do I need to report PKI maturity level? Reporting your PKI maturity level isn’t just a checkbox! 🛠️ While not mandated by the PKI Consortium, documenting your PKI maturity level can: 📈 Highlight your current PKI status to stakeholders 🚀 Pinpoint key areas for improvement 📊 Track progress over time effectively Depending on your organization's needs, regulatory requirements, or improvement goals, reporting might be essential. Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance PKI Consortium Paul van Brouwershaven Leigh Bailey

💡 In what ways can I contribute to the PKI MM initiative? 🔑 Your Voice Matters: We're inviting you to share your experiences and insights with the PKI Maturity Model (PKI MM). Whether it's feedback, personal experiences, or contributions to the development of our framework and resources, every bit helps! 📊 Share & Learn: By sharing your PKI maturity assessment results, best practices, and case studies, you can aid others in their journey to enhance their PKI systems. Let’s build a robust knowledge base together. 🌐 Join the Movement: Engage in vibrant discussions, advocate for PKI MM adoption within your organization, and participate in our dedicated working groups. Your involvement is crucial for promoting and continuously improving PKI MM. 🔗 Get Involved: Become a part of the PKI Consortium and dive into our PKI MM activities. Together, we can advance the maturity of PKI systems across the board. Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance PKI Consortium Paul van Brouwershaven Leigh Bailey

In this webinar we identify and examine the basics of #PKI. In under 20 minutes, learn everything your consultants don't want you know about! ...from Certificate Authorities, to Hierarchies, to CRLs and OCSP, this is the session for anyone looking to better understand Public Key Infrastructure.

What are the benefits of continuous authentication? How is it different from other common authentication methods? Get the answers in this #RSAC blog from Tatyana Sanchez.

Did you know that #securitychampions can boost your #OWASP #SAMM level-up efforts? Join me during OWASP Global AppSec SF on Sept 25th at SAMM User Day for my talk on this very topic! Link in the comments, click "Most recent" to see it! #applicationsecurity #productsecurity #softwaresecurity #securityculture #securityawareness

What is SCEP? Simple Certificate Enrolment Protocol (SCEP) is an open-source protocol that allows devices to easily enrol certificates from a PKI using a securely encrypted URL. It is widely used to make digital certificate issuance at large organisations easier, more secure, and scalable. Cogito Group’s implementation of SCEP, through Jellyfish, is fully compliant with RFC 8894, and the Cryptographic Message Syntax defined within. Read more in our Cogito Knowledge Articles library: https://lnkd.in/gsdPM2cU

#ISC2 #CCSP #CISSP #IDAM Single Sign On User only has to authenticate themselves once and they are authorized to access multiple systems within same domain e.g Kerberos. Federated Identity Management FIM allows access to resources and applications across multiple domains or organizations. OAuth, Open ID Connect and SAML are services that allow secure access of data from one application to another without exposing passwords. OAuth OAuth is the security standard that gives a key to another application to access data on their behalf enabling delegated authorization. Open ID Connect It is an authentication layer built on OAuth 2.0 protocol that allows transparent authentication. Open ID It is an open standard and protocol that allows third party authentication of user. SAML Security Assertion Markup Language allows for exchange of authentication and authorization data to be shared between security domains. Courtesy/ Copyrights: Destination Certification Inc.