February 3, 2022
Many of the largest recent security breaches are the result of supply-chain security issues: applications are exploited because they incorporate third-party code that contains vulnerabilities, either by mistake, or by malicious action.These attacks have led the industry to take an end-to-end look at the way we built modern software, and issue guides to securing that process. For example, the Cloud Native Computing Foundation and NIST have both released standards or drafts.
Read Article ->November 29, 2021
As part of the suite of cryptography discovery tools included with Cryptosense Analyzer Platform (CAP), Cryptosense File Scanner looks for cryptographic objects including SSH keys, PGP Keys, X.509 certificates and keystores on any filesystem or container image.
Read Article ->July 6, 2021
Cryptography is an essential enabling technology for modern business: without it we would not be able to protect our sensitive data or carry out authentication. When perfectly implemented and maintained, cryptography provides security we can rely on. However, detailed errors in its usage can lead to total loss of protection, and our increasing reliance on cryptography means that these mistakes now carry significant financial and reputational risks.
Read Article ->June 15, 2021
It’s incredible that in this world there is any trust at all. You need only watch a nature documentary or CNBC to know deceit, treachery and malfeasance are rife. Yet, here we are. The vast majority of our transactions are secure and successful. Our passwords remain confidential, usually. Our data's integrity is preserved, more often than not
Read Article ->March 20, 2020
Identifying the cryptographic keys an application really uses, what they are used for, and how they are stored, is a critical step towards many transformation projects...
Read Article ->February 16, 2020
The importance of cryptographic key management increases as companies begin to move sensitive applications to the public or hybrid cloud. Understanding exactly which keys are carrying out which operations, what data each key is protecting, and how they are generated and stored, is more critical than when all keys were only used and stored on-premise.
Read Article ->