Clik here to view.
Using CSS’ Certificate Reporting Tool to help manage certificates for iPads...
Part 2 of Apple’s iOS Devices and Certificate Lifecycle Planning blog. CSS created the Certificate Reporting Tool (CRT) a few years ago, to help organizations get a better handle on certificate...
View ArticleApple Cozying Up to Microsoft Partners? CSS’ mCMS
This week we’ve seen the latest chapter in the Microsoft/Apple love/hate relationship… and it would seem that love is conquering all… at least for the time being. As CRN reports, Apple is reaching out...
View ArticleClik here to view.
SCEP Server Policy Templates
One of the best features of Forefront Endpoint Protection (FEP) 2010 was its easy to use server policy templates. In a nutshell, server policy templates let you quickly choose an optimized,...
View ArticleClik here to view.
The NDES CA Thumbprint Hash
Recently, while working on a Microsoft Network Device Enrollment Services (NDES) deployment, a client asked a simple-enough question about the thumbprint for the Certificate Authority (CA) certificate...
View ArticleClik here to view.
How to Perform a Manual SCEP Client Installation
The following is an excerpt from my forth coming book, Microsoft System Center 2012 Endpoint Protection Cookbook, which will be available this fall from Packt Publishing...
View ArticleClik here to view.
Security Vulnerability- The Use of the Simple Certificate Enrollment Protocol...
It’s been in the works for quite some time, but we are finally able to publicly announce a problem that we’ve encountered, related to the use of the Simple Certificate Enrollment Protocol, or SCEP, in...
View ArticleCSS UNCOVERS SCEP VULNERABILITY FOR MOBILE DEVICES IN THE ENTERPRISE
Vulnerability Note VU#971035- Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests CLEVELAND, OH – June 28, 2012. Researchers at Certified Security...
View ArticleIs My MDM Deployment Vulnerable?
If you’re reading this, there’s a good chance you’ve already seen the reports about the security ramifications of issuing certificates to mobile devices using the Simple Certificate Enrollment Protocol...
View ArticleClik here to view.
SCEP Validation Service Integration with 3rd-party MDM Applications
CSS recently discovered and published information on a potential privilege escalation attack in SCEP-based Certificate Issuance Systems. After this discovery, CSS created the SCEP Validation Service,...
View ArticleClik here to view.
Using CSS’ Certificate Reporting Tool to help manage certificates for iPads...
Part 2 of Apple’s iOS Devices and Certificate Lifecycle Planning blog. CSS created the Certificate Reporting Tool (CRT) a few years ago, to help organizations get a better handle on certificate...
View ArticleClik here to view.
Apple Cozying Up to Microsoft Partners? CSS’ mCMS
This week we’ve seen the latest chapter in the Microsoft/Apple love/hate relationship… and it would seem that love is conquering all… at least for the time being. As CRN reports, Apple is reaching out...
View ArticleClik here to view.
SCEP Server Policy Templates
One of the best features of Forefront Endpoint Protection (FEP) 2010 was its easy to use server policy templates. In a nutshell, server policy templates let you quickly choose an optimized,...
View ArticleClik here to view.
The NDES CA Thumbprint Hash
Recently, while working on a Microsoft Network Device Enrollment Services (NDES) deployment, a client asked a simple-enough question about the thumbprint for the Certificate Authority (CA) certificate...
View ArticleClik here to view.
How to Perform a Manual SCEP Client Installation
The following is an excerpt from my forth coming book, Microsoft System Center 2012 Endpoint Protection Cookbook, which will be available this fall from Packt Publishing...
View ArticleClik here to view.
Security Vulnerability- The Use of the Simple Certificate Enrollment Protocol...
It’s been in the works for quite some time, but we are finally able to publicly announce a problem that we’ve encountered, related to the use of the Simple Certificate Enrollment Protocol, or SCEP, in...
View ArticleClik here to view.
CSS UNCOVERS SCEP VULNERABILITY FOR MOBILE DEVICES IN THE ENTERPRISE
Vulnerability Note VU#971035- Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests CLEVELAND, OH – June 28, 2012. Researchers at Certified Security...
View ArticleClik here to view.
Is My MDM Deployment Vulnerable?
If you’re reading this, there’s a good chance you’ve already seen the reports about the security ramifications of issuing certificates to mobile devices using the Simple Certificate Enrollment Protocol...
View ArticleClik here to view.
SCEP Validation Service Integration with 3rd-party MDM Applications
CSS recently discovered and published information on a potential privilege escalation attack in SCEP-based Certificate Issuance Systems. After this discovery, CSS created the SCEP Validation Service,...
View Article
