About this Event
Effective key lifecycle management is paramount in the realm of cybersecurity, endorsed by NIST and mandated by regulatory bodies such as PCI-DSS. When a private key is compromised, incident handlers must swiftly assess the situation's scope and impact, prioritizing remediation efforts. To achieve this, one needs a verifiable key inventory and robust rotation practices.
In the context of digital certificates for web services, code signing, machine identities, and more, we often scrutinize text fields (subject, validity period, serial number, alternative names, fingerprint) to gauge certificate updates. However, these fields offer context rather than direct representation of the underlying encryption key material.
Join us in this session as we embark on a journey through the intricate landscape of digital certificates. We will explore commonly used fields for certificate inventory, delve into certificate public key materials, and unveil an innovative approach to assess your environments for comprehensive certificate inventory while detecting key reuse.
Event Venue & Nearby Stays
GVSU’s Devos Center for Interprofessional Health (DCIH), 335 Michigan Street Northeast, Grand Rapids, United States