Compliance
DNS-PERSIST-01 Is Great. Your Threat Model Needs Updating.
February 19, 202610 min read
Five security assumptions that change when certificate validation becomes persistent — and what to do about each one. A practitioner-level companion to our DNS-PERSIST-01 technical guide.
Read more
Compliance
Your Internal CA Doesn't Have a CPS. Here's Why That's a Problem.
February 14, 20268 min read
60% of organizations lack PKI governance documentation. If you're running Microsoft ADCS, EJBCA, or any private CA, you need a Certificate Practice Statement — and the RFC 3647 framework makes it easier than you think.
Read more
Email Security
Your $250K Email Security Suite Just Got Beaten by a Hotmail Address
February 13, 202610 min read
A company spends a quarter million on email security with 'Military-Grade AI,' then gets owned by a phishing email from microsft-suport-desk-real@hotmail.com. The PKI solutions to prevent this have existed for decades.
Read more