Featured

AI and open source coding- do the benefits outweigh the risks?
Ivan Wallis, Allison Schuh
AI and open source code is making waves in the development world, providing teams with the ability to speed up their development process to keep pace with the fast-paced digital economy. But at what cost - If security cannot keep up with development speeds, what risks are organizations putting themselves in?
With AI and open source code being heavily utilized, it is important to understand the current state of modern development and security and how to mitigate risk.
Join us to learn:
• The benefits organizations see from AI and open source code tools
• The concerns and potential risks of utilizing AI and open source code
• Examples of attacks that can happen when utilizing these tools
• Methods to stay secure when utilizing AI or open source tools
All episodes
-
Why Just Securing Human Identities Is Not Enough
Chris Smith, DevSecOps Product Marketing, CyberArk | Jeremy Patton, Senior DevSecOps SME, CyberArk
If your business leverages digital technology – and who doesn’t – then securing human access is not enough, attackers will find the weak point. Don’t let it happen to you! In this session you'll learn why you need to secure both your human and machine identities, as well as the applications and workloads they access, along with approaches leading organizations are taking.
Join us to learn why a battle-tested Identity Security solution with the leading solution for secure cloud access and secrets management is best to deliver cyber-risk reduction across human and machine identities. Flexible dev options help accelerate the deployment of digital technologies across cloud and hybrid environments: a win for security and a win for the business.
-
OSS Changes Got You Down? Could SaaS be the Solution?
John Walsh, Sr. Product Marketing Manager, CyberArk | Darren Khan, Principal Solutions Engineer, CyberArk
The rise of open source software was fast and furious – “free” software that was easy to try, customize, demo and build on…what could be better? But along the way, the challenges and hard truths with OSS have begun to raise their ugly heads. It requires a large dev staff to maintain and support; can often lead to sticker shock owing to expensive upgrades for key features along with a complex migration or upgrade path; not to mention security and maintenance concerns.
It’s no wonder that companies like Hashicorp have begun pivoting out from underneath their OSS licensing models. But the resultant there is broken trust and misaligned expectations between vendors and customers.
So what’s a company to do? Join CyberArk as we demo potential solutions like SaaS and recommended actions to protect your enterprise as OSS continues to evolve.
-
Live From Black Hat 2024: Securing Machine Identities In 2024 & Beyond
Uzi Ailon, VP, DevSecOps Solutions, CyberArk & Melinda Marks, Practice Director, Application & Cloud Security, ESG
What is the state of machine identity security in 2024, and what are the most important things to know about securing them for the future?
Find out in this fireside chat, where Uzi Alion, VP, DevSecOps Solutions at CyberArk and Melinda Marks, Practice Director, Cybersecurity at Enterprise Strategy Group discuss the biggest risk factors of machine identities in modern enterprises as well as best practices that organizations can leverage to keep their hybrid secrets secure.
Key topics include:
• Defense-in-depth (i.e. self-remediation)
• Lack of visibility and central control of secrets
• Ease of stealing secrets in the cloud
• And moreGrab your spot now to gain expert tips for securing your machine identities in 2024 and beyond!
-
How Security Teams are Solving Vault Sprawl with a Modern SAAS Solution
Damon McDougald, Global Digital Identity Lead, Accenture | Uzi Ailon, VP DevOps, CyberArk | Joe Garcia, Sr. Solutions Engineer, CyberArk | John Walsh, Sr. PMM, CyberArk
Given the rapidly evolving threat landscape, the importance of a centralized identity security program is vital for both human and machine identities. While other vaults and open-source tools have their merits, these on-premises tools often require costly skills and resources to host and maintain. Organizations may feel stuck supporting the open-source version and dealing with a siloed security experience due to upgrade challenges.
The good news is that you are not alone and there is a migration path to a centralized SaaS secrets management solution that fully integrates with the CyberArk Identity Security Platform. This webinar will demonstrate the steps others have taken to achieve this transition and highlight key security benefits and operational efficiencies that come with it.
Join this webinar to learn:
-The best practices and common pitfalls of moving from an on-premises to a cloud-based solution for managing your secrets and machine identities.
-The benefits of centralizing your secrets management with CyberArk SaaS: Discover how you can reduce the complexity and cost of hosting and maintaining your own secrets management tool, while enhancing your security posture and compliance with CyberArk's SaaS offering.
-How CyberArk SaaS integrates with your DevOps tools and workflows: See how you can leverage CyberArk's APIs and plugins to securely access and rotate your secrets across different environments and platforms while enabling collaboration and automation among your developers and DevOps teams.
-
GenAI and its impact on Application Security
Uzi Ailon, VP DevSecOps, CyberArk Lucy Kerner, Director of Security Global Strategy and Evangelism, Red Hat Melinda Marks, Practice Director of Cybersecurity, Enterprise Strategy Group
In this fireside chat, Uzi Ailon, VP DevSecOps, CyberArk, Lucy Kerner, Director of Security Global Strategy and Evangelism, Red Hat and Melinda Marks, Practice Director of Cybersecurity, Enterprise Strategy Group will discuss the new security risks introduced by GenAI and how to incorporate secure development practices for GenAI applications.
We'll also discuss how Red Hat and CyberArk have teamed up to create integrations to provide application security in the AI era, across hybrid environments, without impeding development, operations, and security teams. Watch the webinar today!
-
Why Machine Identity Security is Essential to Your Zero Trust Strategy
Chris Smith, DevSecOps Product Marketing, CyberArk Jeremy Patton, Senior DevSecOps SME, CyberArk
As we've discussed previously in this series, Zero Trust operates on the principle that no entity is trusted by default. While identity security continues to mature as a key topic of discussion for cloud-native developers, machine identities are often overlooked. This is a critical error for organizations in this era of dissolved network perimeters.
In fact, machine identities now outnumber human identities by a factor of 45 to one. By including machine identities and secrets management in your Zero Trust strategy, organizations can ensure that only trusted machines can communicate on the network and that unauthorized access attempts are detected and prevented.
In this webinar, join our DevSecOps experts to lay the foundation for your machine identity security strategy:
-A rundown of machine identities and what they encompass.
-Why machine identity management is a Zero Trust strategy essential.
-Real methods of risk reduction and usable best practices to secure machine identities. -
The Automation Advantage: Elevating Business Outcomes and Career Impact in Certificate Management
Tunde Oni-Daniel, Head of Technology Operations and Engineering at OneMain Financial. Florin Lazurca, Product Marketing Manager, CyberArk
vely has never been more critical, especially with the increasing complexity of modern infrastructures and the rise of 90-day and now 45-day certificate lifecycles. In this exclusive Q&A session with the Head of Technology Operations and Engineering at OneMain Financial, we explore the transformative impact of certificate lifecycle automation on business operations and career trajectories in tech.
Watch to learn how automation can help you:
Mitigate compliance risks, ensure security and reduce manual overhead in certificate renewals.
Craft a compelling business case for automation, secure executive buy-in and build an effective roadmap for automating certificate management.
Strengthen collaboration across teams like DevOps, engineering and security.
Propel your career growth by championing automation and staying ahead of future trends in securing machine identities. -
Got PKI Automation? How to Build a Strong, Healthy Backbone for Your CLM Program
Florin Lazurca Head of Technical Marketing, George Parsons Head of PKI Strategy
How can you enhance your security posture and streamline operations?
With PKI automation you’ll reduce the routine toil, and human error, commonly associated with PKI and certificate lifecycle management (CLM), empowering your team to focus their time and resources on larger, more strategic initiatives.Join our upcoming webinar to explore how your team can embrace PKI automation. Our experts will cover how you can:
Streamline CLM across all stages, including issuance, provisioning, and renewal
Scale and adapt to rapidly changing environments, devices, and identities
Cut time and costs associated with manual PKI workloads
-
Drowning in TLS/SSL Certificates? How Automation is Your Lifeline
Dave Brancato Director of Product Management, Mark Sanders Senior Sales Engineer, Benson George Product Marketing Director
Join this webinar to gain a thorough understanding of the challenges presented by shorter certificate lifespans, and the tools and strategies you need to effectively manage the shift to 90-day certificates
-
Accelerate your transition to 90-day TLS certificates
Ryan Hurst, Former Head of Product for Google's Core Security Foundation and Benson George, Product Marketing, Venafi
Ryan Hurst, former Microsoft and Google Security Leader, joins Venafi to discuss what’s driving the change to a 90-day TLS certificate standard. You’ll get exclusive insights from an industry expert on the transformational shift to 90-day and the future of TLS certificate management. Join Ryan and Venafi for this webinar.
About Ryan Hurst
With an illustrious career spanning three decades, Ryan Hurst has spearheaded several transformative initiatives in digital security, including the creation of Google Trust Services, the fourth-largest publicly trusted CA. He also led the adoption of Certificate Transparency, which is integral to the web's infrastructure.Further underscoring his expertise in advancing encryption technologies, Ryan assisted ISRG in establishing Let's Encrypt, and he first formalized the “Root Program" for Microsoft, which allows for the management of all public CAs.
You won’t want to miss this discussion, where you’ll discover what you need to tackle a 5x increase in certificate renewals, including a detailed plan to align people, processes and technology; comprehensive TLS/SSL certificate visibility; thorough process and policy reviews, and clearly defined roles and responsibilities.
- Exclusive read out: What’s driving this change and how it will impact your business
- Manual unsustainability: Why spreadsheets and lists can’t keep up with 90-day TLS certificates
- Automated simplicity: 5 ways to simplify and future-proof your TLS certificate management
- Crypto agility: How automated CLM provides the crypto agility you need for technologies like quantum computing -
Ditch your legacy PKI: Eliminate EJBCA headaches by upgrading to Zero Touch PKI
Florin Lazurca, George Parsons
PKI management migraines running from A to Z? Many teams rely on outdated PKI solutions like EJBCA to manage their digital certificates. But these solutions cause more problems than they solve—from architectural complexities to burdensome management, convoluted configuration and more.
-
How to manage Google’s 90-day TLS certificates without doing 6x the work
Florin Lazurca, Head of Technical Marketing, Benson George, Director of Product Marketing
Because in that kind of landscape, automation is the only way forward. But it’s also a strategic advantage for your enterprise.
Join this webinar to discover how modern machine identity management offers seamless, scalable automation, ensuring you’re ready for the shrinking TLS lifespans, and subsequently skyrocketing certificate inventories, of the future. -
Unveiling the Future: Exploring the Essential Trends in Kubernetes
Richard Collins, Head of Strategic Initiatives, Steve Judd, Chief Architect - Cloud Native
Dive deep into the dynamic world of Kubernetes and uncover the most crucial trends every forward-thinking professional needs to consider.
During this webinar, you’ll explore cutting-edge trends that are shaping the Kubernetes landscape, including containerization, orchestration, scalability, security and more. You’ll come away from this session empowered with the knowledge and insights necessary to navigate the ever-evolving Kubernetes ecosystem.
-
De quoi a besoin pour mettre fin aux interruptions liées aux certificats?
Stephane Dorchin, Bruno Gayer, Remy Sombouth
Quel est votre plan d'action ?
Et si nous vous aidions ? En vous présentant une approche et une solution automatisée et normalisée de la gestion des identités machine TLS de votre entreprise.
-
Code signing: Get ready for major CA/B Forum policy change
Ivan Wallis, Senior Solutions Architect, Faisal Razzak, Group Manager, R&D
Starting June 1, 2023, we saw major changes in the way your business requests and uses EV (Extended Validation) and non-EV code signing certificates on a global basis.
The Certificate Authority/Browser (CA/B) Forum will require you to store private keys associated with code signing certificates on a hardware security module (HSM) or token that’s certified as Federal Information Processing Standards (FIPS) 140 –2 Level 2 Common Criteria EAL 4+, or equivalent.
What’s driving these changes? Several high-profile attacks misusing code signing keys have happened in the past few years, so it should come as no surprise that the CA/B Forum is tightening security.
-
In Machines We Trust? How to Secure Your TLS Certificates
Diane Garey, Product Manager, Florin Lazurca, Head of Technical Marketing
When your machines—like servers, applications, IoT, and other devices—communicate with each other, TLS certificates control authentication and encryption of traffic between them. Given the growing number of machines on your network, and the increasingly important roles they play, protecting your machine-to-machine communications is critical for protecting your business. Compromise, misuse, and fraud of machine identities are prime attack vectors for hackers, and ineffective management can lead to outages that cost your organization millions of dollars a year in lost revenue.
Attend this session to find out how securing TLS certificates can:
Eliminate certificate-related outages
Lead to huge productivity gains through automation and error elimination
Enable developers to be #fastsecure
Accelerate your organization's shift from "No Trust" to "Zero Trust" -
Tales from the trenches A look beyond Zero Trust buzzwords
Justin Hansen, Field CTO
Zero trust security has been around for over a decade, but marketing buzz still makes clearly defining it an enigma—let alone figuring out pragmatic ways to apply it to your organization.
What’s with all the zero trust fuss? How can you separate hype from reality?
Venafi Field CTO Justin Hansen will unravel fact from fiction in a grounded yet engaging discussion—one complete with enlightening pre-recorded soundbites from the father of zero trust himself, John Kindervag!
Equipped with years of “in the trench” experience in Identity & Access Management, Justin will cover what zero trust is, why you should care and how to enhance the security of your people, processes and technology using proven zero trust principles.
-
Quantum-Proofing Your Data: Are You Ready for the Future of Cryptography?
Faisal Razzak, Group Manager, R&D
Join this webcast to obtain the knowledge and guidance needed to ensure a successful PQC migration in your enterprise. You'll venture through the timeline of critical events related to PQC, including necessary problems to solve. You'll come away with the industry recommended PQC migration framework, as well as information about how your organization can leverage it to evaluate your current risk levels.
-
Top 5 Critical Automations to Minimize Outages from 90-Day TLS Certificates
Justin Hansen, Tyson McMurtrey
As the industry shifts towards a 90-day standard for TLS certificate lifespans, organizations must adapt quickly to minimize the risk of outages due to expired certificates. Join us for an insightful webinar where we delve into the top critical automations needed to ensure your enterprise is prepared for this significant change. Venafi experts will guide you through the essential steps to automate certificate management across key components of your infrastructure, helping you maintain security, compliance, and uninterrupted service delivery.
-
AI and open source coding- do the benefits outweigh the risks?
Ivan Wallis, Allison Schuh
AI and open source code is making waves in the development world, providing teams with the ability to speed up their development process to keep pace with the fast-paced digital economy. But at what cost - If security cannot keep up with development speeds, what risks are organizations putting themselves in?
With AI and open source code being heavily utilized, it is important to understand the current state of modern development and security and how to mitigate risk.
Join us to learn:
• The benefits organizations see from AI and open source code tools
• The concerns and potential risks of utilizing AI and open source code
• Examples of attacks that can happen when utilizing these tools
• Methods to stay secure when utilizing AI or open source tools