Blog

KT Secure - penetration testing, software code signing, hsm management

What is Penetration Testing? A simple Guide

Penetration testing or Pen testing as it is commonly known, is a simulated attack against your infrastructure and systems to check for vulnerabilities that may be exploited by Cyber Attackers.  The NCSC describes penetration testing as “A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary might.” Penetration testing should be a continuous Read more…

KT Secure - penetration testing, software code signing, hsm management

What is a Hardware Security Module (HSM)?

A hardware security module (HSM) is a trusted physical computing device that performs a variety of cryptographic operations, such as signing, signature validation, encryption, decryption and hashing.  Hardware Security Modules typically come in the form of a physical appliance utilising specialised hardware and Operating Systems (OS) connected directly to the network.  USB or PCI connected modules are another option for HSMs and are installed in network connected computers.  Whilst these modules provide much the same Read more…

KT Secure - penetration testing, software code signing, hsm management

Knight Trading UK Limited Attains ISO27001:2013 Certification

7th June 2024 Knight Trading UK Limited achieves certification to ISO27001:2013 Knight Trading UK Limited has achieved certification to ISO27001:2013 for its Information Security Management System. ISO27001:2013 provides a recognised framework for information security management, which helps companies prove compliance to the highest level of information security management. In Knight Trading UK Limited’ case, this helps to demonstrate our dedication to safeguarding our customers sensitive data and ensuring the highest standards of security and compliance. Read more…

KT Secure - penetration testing, software code signing, hsm management

What is Public Key Infrastructure?

Public Key Infrastructure (PKI) is an infrastructure designed to provide integrity, authentication and confidentiality of electronic information.  The infrastructure and associated processes provide the capabilities to manage secure cryptographic credentials and distribute them to individuals and devices to enable secure transactions to occur. Public Key Infrastructure (PKI) is a general term to describe everything used to establish and manage public key encryption, one of the most common forms of internet encryption.  Every web browser in Read more…

KT Secure - penetration testing, software code signing, hsm management

How to safely Store your Private Keys

In this post we discuss the available ways to store Digital key material and the benefits/issues associated with each method along with the challenges posed by the continued migration to the cloud and the solutions that the providers have made available. On-Premise Hardware Security Module As outlined in an earlier blog post here for many years HSMs have been the de facto method for storing digital key material.  The place as the default approach was Read more…

KT Secure - penetration testing, software code signing, hsm management

HSM in the Cloud – Azure Dedicated HSM

If you are using Microsoft Azure and require cryptographic services and secure key management then Azure dedicated HSM may be the solution for you.  Azure Dedicated HSM provides subscribers with single-tenant FIPS 140-2 Level 3 certified devices that Microsoft manage and monitor but the customer controls. Microsoft has designed the Dedicated HSM service around SafeNet Luna Network HSM 7 (Model A790) appliances from Gemalto they are available in many Azure regions and are easily deployed and Read more…

KT Secure - penetration testing, software code signing, hsm management

HSM in the Cloud – AWS CloudHSM Solution

If you are using AWS Cloud services and require strong encryption then utilising your on-premise HSM may be impractical or undesirable.  AWS Cloud HSM is a FIPS 140-2 Level 3 certified Hardware Security Module specifically deployed within the cloud utilising a Pay-As-You-Go (PAYG) charging model.  AWS CloudHSM offers storage and generation of encryption keys within and for use on the AWS Cloud.  CloudHSM offers easy integration via standard APIs such as PKCS#11, JCE and CNG Read more…

KT Secure - penetration testing, software code signing, hsm management

The Certificate Lifecycle

Whether it is generally known outside of select groups, Public Key Infrastructure is at the heart of digital communication.  PKI is a framework covering encryption, policies and procedures to protect communication and verify identities.  PKI has at its core the concept of trust, digital certificates are used as a trusted and secure electronic signature providing verified user identity, document integrity, time stamp, and non-repudiation of signed electronic documents.  As certificates are used as the basis Read more…

The Importance of Firewalls

What makes a strong firewall?

In terms of digital security, firewalls are network security systems which are often considered the first line of defence for any infrastructure. Unsure whether your firewall is up to scratch? Take a look at our guide and best practices to get the most out of your firewall.