When it Comes to NIST 800-171 Compliance – There’s ‘On Time’ and There’s ‘Lombardi Time’

If you wait to become 800-171 compliant, you won’t win contracts. That was the message we wanted to make loud and clear to over 200 federal contractors during last week’s Washington Technology (WT) webcast, Inside NIST 800-171: Cyber Requir…

What’s at Stake with NIST 800-171 and How to Ensure You’re Compliant

Over the past three years, The National Center for Standard and Technology defined 800-171 security requirements. These requirements were designed to protect Controlled Unclassified Information in Nonfederal information systems, as well as organiz…

Do dynamic certificates for SSL-Interception pose a security risk due to weak entropy?

When you think about typical SSL-Interception in Firewalls, depending on the number of TLS-Connections, loads of Certificates get faked “on the fly” in a very time-critical environment.

In my experience on running a VPN Ser…

TLS Cipher Suites for MTA

When configuring a mail gateway's TLS settings, should one stick to the same rules for Cipher Suites as in running an HTTPS Service (prefer ECDHE/DHE, disable SSLv3, not using stuff like RC4, etc.) or should one focus more on compatibility with other MTAs to prevent email getting sent unencrypted?

It seems to me it's a tradeoff: with using only strong Cipher Suites on the one hand I'm improving the security of a majority of mails transferred because you can't downgrade to weak Cipher Suites or SSLv3. But on the other hand I give up encryption for some mails because they get sent unencrypted (if the other MTA is extremely old and just supports RC4 for example).
