Venafi, a CyberArk company, offers the most comprehensive solutions to address critical challenges in PKI, certificate management and workload identity management. Through centralized visibility and automation, we help customers monitor and secure any machine identity, anywhere, across extended enterprise networks. As an innovative leader, we solve today’s greatest machine identity challenges while anticipating those of tomorrow.
By combining Venafi’s best-in-class machine identity management with CyberArk’s leading identity security capabilities, these two category creators together establish the world’s first platform for end-to-end machine identity security at enterprise scale. To learn more about CyberArk’s acquisition of Venafi, visit: venafi.com/news-center/press-release/cyberark-completes-acquisition-of-machine-identity-management-leader-venafi/
For more info about Venafi, visit www.venafi.com. To learn more about CyberArk, visit www.cyberark.com.
Appreciate the detailed breakdown! 🧐 Just a small off-topic question: 😅 I only have these words 🤔. (behave today finger ski upon boy assault summer exhaust beauty stereo over). Can someone explain what this is? 😅
👍 So, you have the root cert in a generator and from that it stems? then every next one is in its own gen that stems too? Each had their own set permissions of limitations?
01:58 Google will not invalidate active certificates when it goes to switch to 90 Day Certs. This scneario was not done the last 2 times the valdiation period was reduced. Any active cert that was already built+purchased+implemented will continue to be valid until it expires. At which point any new replacement certifiate would be then forced to a 90 day validity period and would either need to be automated or someone is going to have a lot of work constantly.
Hi, my AntiVirus is blocking Electron js Application to download,(i.e unable to download Electron JS Application) do you have any idea what is happening
Thank you SO much for this video, and BIGGER thanks for the DIAGRAMS!! I am currently studying for the MD100 test with Microsoft and am currently on subject of local VPN server configuration (the Microsoft way of course), and am on the SSTP connection type.
I had a security alert pop up about the revocation certificate being invalid or unknown of whether to be trusted, however at the time I saw the issuer was Huawei so i thought nothing more of it, and installed the certificate, furthermore in retrospect I'm having second thoughts of if i should have, plus we never had alert appear before until after our internet went out and came back today.
hello, not sure if you respond. came across the CRL in my downloads and unsure why its there. is the CRL a safe thing? if so can i move it or delete it from my downloads. the CRL contains items from a year ago and i only just bought this from a pawn shop. if it is safe to delete please let me know.
So is the chain of trust followed up the web server’s intermediate(s) and root installed certificates? Some descriptions sound like the browser is following the certificate chain on the client (browser)
Thanks for your question! In short, you are correct that the browser is responsible for establishing the chain of trust. To verify a certificate, a browser will obtain a sequence of certificates, each one having signed the next certificate in the sequence, connecting the signing CA’s root to the server’s certificate. For more details, check out this Venafi blog post: www.venafi.com/blog/how-does-browser-trust-certificate?
Thanks for reaching out! In short, it is only storing the private key in the vault. Check out our Venafi Solution Brief to learn more about this integrated solution: www.venafi.com/sites/default/files/2020-07/CyberArk_SSH_Discovery_Venafi_Solution_Brief_2020.pdf