PKI Spotlight now has over 90 Best Practice alerts with its latest release. The latest release of PKI Spotlight includes over 90 best practice alerts, representing a significant advancement in PKI management. These alerts further strengthen the platform’s ability to identify and address potential security weaknesses, ensuring the integrity and reliability of PKIs. By leveraging…
Read More
Digital Trust and IT Security: Empowering Your Organization Finding a solution to Public Key Infrastructure (PKI) challenges is not always “one-size-fits all”. Tons of factors come into play, but one thing is certain: In today’s digital world, organizations of all sizes rely on PKI to ensure secure communication and protect critical business functions. PKI acts…
Read More
Hello everyone, long time no see. I’m still extremely busy on my main job stuff, specifically PKI Spotlight commercial product development, so my blogging has slowed, and I’m here again! Prologue Disclaimer: This post contains steps and information that can lead to legal issues with your employer and lawsuits if you execute them in a…
Read More
Active Directory Certificate Services (ADCS) plays a crucial role in securing digital assets within organizations. However, even a single device can introduce vulnerabilities in the PKI (Public Key Infrastructure) environment. Understanding, implementing, and securing ADCS can be challenging, requiring organizations to proactively address potential risks. In this blog post, we will explore the risks associated…
Read More
The use of MS Active Directory Certificate Services (ADCS) is crucial for the secure operation of modern enterprises. However, it is vital to keep up with potential vulnerabilities that may arise within ADCS environments. This whitepaper highlights two critical vulnerabilities that affect ADCS environments and provides actionable steps to address them. Vulnerability 1: Man-in-the-Middle (MiTM)…
Read More
Hello everyone, here is my next blog post after a long delay. While I’m working on PKI Spotlight product, I never forget about open-source products and a lot was changed without much announces since the work is still in progress. Today I want to inform about my next effort and it is a big one.…
Read More
Abstract Public Key Infrastructure (PKI) and Certificate Authorities (CAs) play a crucial role in digital security, ensuring the authenticity and integrity of online communications. However, PKI and CA environments are vulnerable to various authentication risks, including password fatigue, which can compromise the security of an organization’s sensitive data. This guide provides insights into these risks…
Read More
Hey Kids, Rock and Roll! Two of the most reliable toolsets in Windows for the last two decades have been the tandem of certutil.exe and certreq.exe. It’s no secret there are a wealth of very useful functions exposed in the basic usage of these tools, also documented publicly here: certutil.exe public documentation certreq.exe public documentation…
Read More
Mismanagement of certificate templates is one of the lowest of the low-hanging fruits when it comes to ADCS threat vectors. Among other things, a misconfigured certificate template can lead to a threat actor obtaining a certificate which could be used for privilege escalation up to and including Enterprise Administrator! As you can imagine, it’s a…
Read More
[…] Solutions for their excellent posts on PKI in Active Directory, as well as their PSPKI PowerShell module, which our auditing toolkit is based […]