The PKI Blog

Unveiling PKI Spotlight: Industry’s first and only real-time PKI monitoring and alerting solution

By ThePKIGuy | Mar 14, 2022

By Mark B. Cooper & Nick Sirikulbut Today, we’re excited and proud to announce the launch of PKI Spotlight, the industry’s first and only real-time PKI monitoring and alerting solution. This revolutionary product provides important information about the availability, configuration, and security of all of your organization’s PKI environments – all consolidated into one easy-to-use…

Read More

PKI Revelations Episode 2: The Genesis of Project Moonshot

By ThePKIGuy | Feb 28, 2022
PKI Spotlight - Realtime PKI Monitoring and Alerting

Editor’s Note: This is the second blog post in a series of posts from us that will focus on our PKI Revelations.   How did Project Moonshot get started? Here’s the back story.   The PKI Solutions team has been working side-by-side with you in the Public Key Infrastructure trenches for many years and we’ve…

Read More

PKI Revelations Episode 1: We Were Wrong

By ThePKIGuy | Jan 18, 2022

Editor’s Note: This is the first blog post in a series of posts from us that will focus on our PKI Revelations. Trigger Alert: These blog posts may be real, raw, and controversial (but no PKIs were harmed in the writing of these posts). We hope you join us for the fun and read along!…

Read More

Happy New Year from PKI Solutions!

By ThePKIGuy | Jan 2, 2022
Mark Cooper President & Founder PKI Solutions

Happy New Year! New Year, New Way to PKI As we kick off the New Year, Mark B. Cooper, President & Founder of PKI Solutions, shares his thoughts about the past year and provides a look forward at the year ahead. 2021 was a transformative year for PKI Solutions as we continued to evolve our…

Read More

Enabling Active Directory Certificate Services (ADCS) advanced audit

By Vadims Podāns | Aug 12, 2021
Vadims Podans PKI Developer

Hello S-1-1-0, here is another unscheduled blog post on enabling advanced audit in Microsoft CA. Today I went through another thread on Twitter which suggests how to enable advanced audit in Microsoft CA. Throughout the thread it was apparent that only partial solution was provided. Windows CA auditing engines Microsoft CA implements a set of…

Read More

Crafting a dummy certificate with specific serial number in Microsoft ADCS

By Vadims Podāns | Aug 9, 2021
Vadims Podans PKI Developer

Today I went through a thread on Twitter with claims that there is no supported way to revoke a rogue certificate with known serial number in Microsoft CA. TL;DR skip to next section The long story short: the thread originally was focused on an OCSP deterministic response support. The idea behind this is that by…

Read More

Microsoft Security Advisory for ADCS exploit – ADV210003

By ThePKIGuy | Jul 26, 2021
PKI Solutions Logo

This morning we provided details to our existing support and co-management customers on a recent notice of vulnerability to certain Microsoft ADCS configurations. The exploit involves NTLM and leveraging some ADCS PKI components. Full details can be found here: https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV210003. Summary In environments with NTLM authentication still enabled in Active Directory and when using ADCS…

Read More

Cyber Attacks, Code Signing, and the Digital Supply Chain

By Carolyn Ballo | Jul 26, 2021

Hello again! Welcome to my second blog.  Going to shift gears a bit from my personal PKI journey to discuss cyber-attacks. With the recent SolarWinds and Colonial Pipeline incidents, cyber-attacks have been dominating the news.  These are just two of the latest in a string of attacks that are becoming all too frequent.  These assaults…

Read More

Targeting the Extended Supply Chain – a Brief Review of Stuxnet

By Peter DiToro | Jul 8, 2021
Peter DiToro Strategic Advisor For PKI Solutions

In November, 2010 Iranian president Mahmoud Ahmadinejad announced that a “cyber weapon” had been deployed against the Natanz nuclear laboratory. Indeed, some infosec pundits subsequently referred to the attack, called “Stuxnet”, as the first true cyber weapon to be used in anger. While that may be debatable, what is not in question is the design,…

Read More

1 Comment

  1. […] Solutions for their excellent posts on PKI in Active Directory, as well as their PSPKI PowerShell module, which our auditing toolkit is based […]