AWS IAM Identity Center now supports customer-managed KMS keys for encryption at rest
Gain control over encryption and comply with regulations using customer-managed keys for AWS IAM Identity Center's user data and passwords.
Articles tagged with: #key-management
Clear filter
iOS secure enclave for file encryption - anyone actually implementing this properly?
Curious about real-world implementations of iOS secure enclave for file-level encryption beyond what's built into the OS. Specifically interested in apps that handle: local-only storage, secure key management, proper data-at-rest protection, and clean wipe mechanisms (including duress scenarios). What exists that's actually been audited or reviewed? submitted by /u/realdeal [link] [comments]
Checkpoint SVC port 18264 on the public network
Does anyone know if port 18264 is required to be exposed on the public network for Checkpoint SVC? Check Point says this is required for PKI to work and to publish CRL, and also required for ipsec between two Checkpoint firewalls using certificates. submitted by /u/blackholeearth [link] [comments]
Saas
Hey folks 👋 I'm exploring a project to make cybersecurity simpler and more automated, especially for devs and Web3 teams. I'd love to learn from your experience: what's the biggest pain point for you right now? Thanks in advance - I'll share insights back with the community! What's your role? (Engineer, Founder, Security lead, Other) What's your #1 headache in security? • A) Code audits / vulnerability scanning • B) Wallet / key management • C) Compliance & reports (SOC2, GDPR, etc.) • D)...
Unnoticed PKI expiration
When the PKI root certificate expires and this has no impact on your IT system, and you only realise this several days later, what does that say about the company ? submitted by /u/vao-81 [link] [comments]
Is not knowing everything really OK?
I often read we are not supposed to know everything, I agree and it is reassuring, but how do you handle job interviews? For the context, I'm career shifting into IT, eventually cybersecurity, with more interest in the defensive side. In my precedent career, I never had to do 'real' job interviews. As for learning, I've been practicing different topics for nearly 2 years. I try to be as general as possible, from networking currently studying CCNA, homelabing AD with PKI implementation, pfsense,...
Threshold Signatures for Central Bank Digital Currencies
arXiv:2506.23294v2 Announce Type: replace Abstract: Digital signatures are crucial for securing Central Bank Digital Currencies (CBDCs) transactions. Like most forms of digital currencies, CBDC solutions rely on signatures for transaction authenticity and integrity, leading to major issues in the case of private key compromise. Our work explores threshold signature schemes (TSSs) in the context of CBDCs. TSSs allow distributed key management and signing, reducing the risk of a compromised key....
Towards a Decentralized IoT Onboarding for Smart Homes Using Consortium Blockchain
arXiv:2508.21480v1 Announce Type: new Abstract: The increasing adoption of smart home devices and IoT-based security systems presents significant opportunities to enhance convenience, safety, and risk management for homeowners and service providers. However, secure onboarding-provisioning credentials and establishing trust with cloud platforms-remains a considerable challenge. Traditional onboarding methods often rely on centralized Public Key Infrastructure (PKI) models and...
What's PKI Done Right (PKIDR)? Anyone Know?
Hey r/cybersecurity , I came across "PKI Done Right" (PKIDR) while researching Public Key Infrastructure. Seems like a way to implement PKI securely, but I'm not clear on the details. Anyone familiar with PKIDR? What makes it different from regular PKI? Any key principles, tools, or examples of it in action? Looking to