Insights and Outlooks from the Digital Identity Market Leader

    Mar 27, 2017 4:17:51 PM
    SCEP Shortcomings
    Despite the documented shortcomings of the Simple Certificate Enrollment Protocol (SCEP), it is still in widespread use today. This is in large part due to the lack of better options when it comes to certificate enrollment – espec [...]
    Nov 28, 2016 2:06:17 PM
    Fog Computing and the IoT
    Fog Computing: When the Cloud is Not Enough How Do We Manage the Massive Amounts of Data Generated by the IoT? The Internet of Things (IoT) market and its exponential growth are bringing many improvements and considerable revenue [...]
    Nov 20, 2016 10:19:13 PM
    How Cloud-Based Services & IoT Influence PKI Deployments
    The Explosion of Cloud-based Apps and the IoT are Creating the Need to Reinforce PKI Environments  The takeover of the cloud has brought countless businesses to pursue cloud migration over the past few years in an effort to take a [...]
    Apr 26, 2016 11:25:11 AM
    IoT Security Concerns in the World of Healthcare Devices
    Healthcare Devices: Then and Now Healthcare devices through the ages: what was once a cumbersome trip to the doctor for testing, followed by a series of manual documentation steps, is now a convenient, internet-connected wearable [...]
    Mar 18, 2016 11:12:22 AM
    Why is IoT Security So Critical?
    IoT Security: the area of the information security industry aimed at securing devices, data, people and applications within the Internet of things (IoT). What makes IoT Security so important? The growth of internet-connected data, [...]
    Aug 16, 2012 12:27:00 PM
    SCEP Validation Service Integrates With MDM Applications
    CSS recently discovered and published information on a potential privilege escalation attack in SCEP-based Certificate Issuance Systems. After this discovery, CSS created the SCEP Validation Service, which aims to close this attac [...]
    Jul 7, 2012 5:55:35 AM
    Is My MDM Deployment Vulnerable?
    If you’re reading this, there’s a good chance you’ve already seen the reports about the security ramifications of issuing certificates to mobile devices using the Simple Certificate Enrollment Protocol (more information on our sit [...]
    Jun 28, 2012 7:22:00 AM
    CSS UNCOVERS SCEP VULNERABILITY FOR MOBILE DEVICES IN THE ENTERPRISE
    Vulnerability Note VU#971035- Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests CLEVELAND, OH – June 28, 2012. Researchers at Certified Security Solutions, Inc. (CSS), a leading info [...]
    Jun 27, 2012 11:19:38 AM
    How To Use SCEP to Secure Mobile Certificate Management
    It’s been in the works for quite some time, but we are finally able to publicly announce a problem that we’ve encountered, related to the use of the Simple Certificate Enrollment Protocol, or SCEP, in conjunction with mobile devic [...]
    May 16, 2012 8:02:00 AM
    How to Perform a Manual SCEP Client Installation
    The following is an excerpt from my book Microsoft System Center 2012 Endpoint Protection Cookbook, https://www.packtpub.com/virtualization-and-cloud/microsoft-system-center-2012-endpoint-protection-cookbook 
    All posts