Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fixing TLS Scott Rea VP GOV/EDU Relations & Sr. PKI Architect.

Published byAnis Murphy Modified over 8 years ago

Similar presentations

Presentation on theme: "Fixing TLS Scott Rea VP GOV/EDU Relations & Sr. PKI Architect."— Presentation transcript:

1 Fixing TLS Scott Rea VP GOV/EDU Relations & Sr. PKI Architect

2 Is SSL Still Secure? Not according to the media…

3 Is SSL Still Secure? Some high profile stories: – DigiNotar – Theoretical attacks: BEAST, CRIME, BREACH, etc. – Weak cipher suites – Weak algorithms – Weak private keys – NSA and the Snowden revelations What do most potential exploits have in common? They rely on improper SSL implementation.

4 What can we do better? 51% of enterprises do not know all of the keys and certs on their network *. About 2 in 3 enterprises still use ciphers vulnerable to BEAST. Most have migrated to 2048-bit key sizes or higher. SHA-1 to SHA-2 migration is next. * Based on research by Ponemon Institute

5 Better implementation is still needed

6

7

8

9

10

11

12

13

14

15 Our tool can help To download and use the free DigiCert Certificate Inspector, contact us at: +1-801-701-9690 https://www.digicert.com/cert-inspector.htm

Download ppt "Fixing TLS Scott Rea VP GOV/EDU Relations & Sr. PKI Architect."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –

Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –
1 Secure Cloud and BYOD Strategies Gaining Control Over Trust.

1 Secure Cloud and BYOD Strategies Gaining Control Over Trust.
The Dog’s Biggest Bite. Overview History Start Communication Protocol Weakness POODLE Issues.

The Dog’s Biggest Bite. Overview History Start Communication Protocol Weakness POODLE Issues.
GOPAS TechEd 2012 PKI Design Ing. Ondřej Ševeček | GOPAS a.s. |

GOPAS TechEd 2012 PKI Design Ing. Ondřej Ševeček | GOPAS a.s. |
Conventional Encryption: Algorithms

Conventional Encryption: Algorithms
Network Security: Lab#2 J. H. Wang Apr. 28, 2011.

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.
© 2008 T.Zlateva, L.Burstein, A.MacNeil Virtual Laboratories for Learning Real World Security The 12 th Colloquium for Information Systems Security Education.

© 2008 T.Zlateva, L.Burstein, A.MacNeil Virtual Laboratories for Learning Real World Security The 12 th Colloquium for Information Systems Security Education.
Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.

Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
ITA, 2.11.2011, 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.

ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
Alternatives to PKI-based SSL on the web Dr. István Zsolt Berta www.berta.hu opinions expressed here are strictly those of my own.

Alternatives to PKI-based SSL on the web Dr. István Zsolt Berta opinions expressed here are strictly those of my own.
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Cryptographic Security Presented by: Josh Baker October 9 th, 2012 1CS5204 – Operating Systems.

Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.
+1 (801) 877-2100 Ultralight OCSP Improving Revocation Checking.

+1 (801) Ultralight OCSP Improving Revocation Checking.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
© 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.

© 2004, The Technology Firm SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.
Secure Teleradiology Nick Collett Brookside Consulting

Secure Teleradiology Nick Collett Brookside Consulting

Similar presentations

Ads by Google