The FinWise breach shows that when insider threats strike, encryption is the last line of defense. Penta Security's D.AMO platform unites encryption, key management, and access control to keep sensitive data secure.
We have many servers and network devices that support either ACME or EST for automated certificate management, but our CA is a Microsoft server running ADCS. These protocols aren't supported natively within Windows Server, so I'm trying to figure out if it's possible to integrate them or if we will need a different certificate authority for these devices? What are you folks doing to automate certificates with non-MDM devices? submitted by /u/umm-i-got-a-question [link] [comments]
I'm working on a project that requires secure storage and management of encryption/decryption keys and initialization vectors (IVs). I'm looking for solutions that are: Open source - so I can audit the code and have community support Cloud-based - needs to be accessible across distributed services Production-ready - reliable enough for real-world use What I need to store: - Encryption/decryption keys - Initialization vectors (IVs) - Ideally with access control and audit logging I've heard of...
I've been thinking... AWS Secrets Manager already encrypts stuff with KMS, has IAM for access control, and CloudTrail for audit logs. So in theory, you could just use it as your own password manager - everything stays in your AWS account. I tried hooking up a simple UI to it, and it actually feels really secure and clean. No third-party cloud, no weird sync issues - just your secrets, your cloud. Curious what others think - is this a cool idea or total overkill? 😅 submitted by /u/chataxis...