Skip to main content
banner image
venafi logo

Overheard at Machine Identity Protection Global Summit 2019

Overheard at Machine Identity Protection Global Summit 2019

Prepare this presentation and send it to me, once approved you can teach entire team.
May 21, 2019 | Scott Carter

There’s a certain kind of magic that happens when the greatest minds in machine identity protection coverge in a single location. That happened for the first time last week at Machine Identity Protection Global Summit 2019. And I was fortunate enough to be able to witness this amazing phenomenon and listen in for collective wisdom from folks who live and breathe machine identity protection. I’d like to share with you a small sample of the insights that I was able to overhear in sessions, meals and hallway chats.

Insights on Machine Identity Threats
  • “We’ve got breach fatigue.”
  • “SSH is a sleeping dragon.”
  • “It takes some skill to use fraudulent or compromised certificates in an attack but any Joe-Blow IT admin can figure out how to hack with an SSH key”
  • “SHA-1 is nothing compared to what we’re going to face with the transition to quantum crypto.”
Common Crypto Challenges
  • “OCSP doesn’t scale.”
  • “It’s hard to give the DevOps guys everything they need as fast as they need it.”
  • “I’ve identified hundreds of self-signed SHA-1 certificates on firmware from one of our vendors. What should I do?”
  • “We just got a request for 10,000 certificates to secure our CCTVs”
Things that Make You Go Hmm
  • “Most executives are embarrassed to admit they don’t know all about TLS. It’s kind of a voodoo thing for them.”
  • “Outages are your friend – you can really use them to your advantage”
  • “I assumed that a certificate owner would come to me and ask for a certificate…and know what a certificate is. Wrong.”
  • “OMG! We never look at all the keys and certificates a user has had access to when they leave.”
Celebrating Successful Outcomes
  • “Everything I’m worried about Venafi is solving, today or in the near future.”
  • “Automation allowed us to put controls in place that protect private keys during transit.”
  • “Before Venafi it took us 10 days to deliver a certificate from CSR to installation. It’s now 1 day and we have a lot more certificates”
  • “We estimate that our PKI team spent about an hour per certificate request all told. We took that to zero with automation.”
Thought-provoking Statements
  • “Every time you present an invalid certificate to a user you’re training them to be phished”
  • “If DevOps doesn’t have workflows, how can you trust their data?”
  • “It’s not about enforcement; it’s about making it easy for certificate users. If we don’t do that they will go do something like spin up their own CA.”
  • “Outages breed outages. If you don’t have control chain of trust problems will crop up where you least expect them”

Do you share some of the insights and challenges that Venafi customers shared last week at Machine Identity Protection Global Summit in Orland? Contact us to see how Venafi can help you protect your organization’s machine identities using a rare combination of visibility, intelligence and automation.

Already a customer? Mark your calendars for Machine Identity Protection Global Summit 2020 in San Diego, California from May 12-15.

Learn more about machine identity protection. Explore now.

Related posts

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

Déjà Vu at LinkedIn: Second TLS Certificate Expiry in 2 Years

Déjà Vu at LinkedIn: Second TLS Certificate Expiry in 2 Years

machine identity protection

Leaders Underscore the Critical Nature of Machine Identity Protection at Inaugural Global Summit

DarkMatter, Mozilla trust store, Certificate Authority

The DarkMatter Debate: Why Organizations Need to Actively Protect Trust Stores

About the author

Scott Carter
Scott Carter

Scott Carter writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat