Blog

KT Secure - penetration testing, software code signing, hsm management

Cyber Security

What is Penetration Testing? A simple Guide

Penetration testing or Pen testing as it is commonly known, is a simulated attack against your infrastructure and systems to check for vulnerabilities that may be exploited by Cyber Attackers. The NCSC describes penetration testing as “A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary might.” Penetration testing should be a continuous Read more…

By Amy Nihad, 4 yearsSeptember 21, 2020 ago

Cyber Security

What is a Hardware Security Module (HSM)?

A hardware security module (HSM) is a trusted physical computing device that performs a variety of cryptographic operations, such as signing, signature validation, encryption, decryption and hashing. Hardware Security Modules typically come in the form of a physical appliance utilising specialised hardware and Operating Systems (OS) connected directly to the network. USB or PCI connected modules are another option for HSMs and are installed in network connected computers. Whilst these modules provide much the same Read more…

By Amy Nihad, 4 yearsSeptember 15, 2020 ago

Cyber Security

The importance of software code signing

Software code signing is the process of verifying software to ensure it has come from a legitimate source. In this blog we discuss the importance of software code signing and the implications of not maintaining certificates.

By Amy Nihad, 4 yearsAugust 18, 2020 ago

Cyber Security

What is Public Key Infrastructure?

Public Key Infrastructure (PKI) is an infrastructure designed to provide integrity, authentication and confidentiality of electronic information. The infrastructure and associated processes provide the capabilities to manage secure cryptographic credentials and distribute them to individuals and devices to enable secure transactions to occur. Public Key Infrastructure (PKI) is a general term to describe everything used to establish and manage public key encryption, one of the most common forms of internet encryption. Every web browser in Read more…

By Amy Nihad, 3 yearsNovember 4, 2020 ago

Cyber Security

How to safely Store your Private Keys

In this post we discuss the available ways to store Digital key material and the benefits/issues associated with each method along with the challenges posed by the continued migration to the cloud and the solutions that the providers have made available. On-Premise Hardware Security Module As outlined in an earlier blog post here for many years HSMs have been the de facto method for storing digital key material. The place as the default approach was Read more…

By Amy Nihad, 4 yearsOctober 19, 2020 ago

Cyber Security

HSM in the Cloud – Azure Dedicated HSM

If you are using Microsoft Azure and require cryptographic services and secure key management then Azure dedicated HSM may be the solution for you. Azure Dedicated HSM provides subscribers with single-tenant FIPS 140-2 Level 3 certified devices that Microsoft manage and monitor but the customer controls. Microsoft has designed the Dedicated HSM service around SafeNet Luna Network HSM 7 (Model A790) appliances from Gemalto they are available in many Azure regions and are easily deployed and Read more…

By Amy Nihad, 4 yearsOctober 12, 2020 ago

Cyber Security

HSM in the Cloud – AWS CloudHSM Solution

If you are using AWS Cloud services and require strong encryption then utilising your on-premise HSM may be impractical or undesirable. AWS Cloud HSM is a FIPS 140-2 Level 3 certified Hardware Security Module specifically deployed within the cloud utilising a Pay-As-You-Go (PAYG) charging model. AWS CloudHSM offers storage and generation of encryption keys within and for use on the AWS Cloud. CloudHSM offers easy integration via standard APIs such as PKCS#11, JCE and CNG Read more…

By Amy Nihad, 4 yearsOctober 7, 2020 ago

Cyber Security

The Certificate Lifecycle

Whether it is generally known outside of select groups, Public Key Infrastructure is at the heart of digital communication. PKI is a framework covering encryption, policies and procedures to protect communication and verify identities. PKI has at its core the concept of trust, digital certificates are used as a trusted and secure electronic signature providing verified user identity, document integrity, time stamp, and non-repudiation of signed electronic documents. As certificates are used as the basis Read more…

By Amy Nihad, 3 yearsNovember 24, 2020 ago

What Is

What makes a strong firewall?

In terms of digital security, firewalls are network security systems which are often considered the first line of defence for any infrastructure. Unsure whether your firewall is up to scratch? Take a look at our guide and best practices to get the most out of your firewall.

By Amy Nihad, 5 yearsJune 24, 2019 ago

Q&A Session

Data Encryption Q&A with Thales eSecurity

With high profile data breaches happening at an alarming frequency, encryption has become a key building block for information security. In our latest Q&A, we spoke to Lee Davis, Regional Sales Manager from Thales eSecurity, to clarify key terms and talk best practice for securing your data.

By Amy Nihad, 5 yearsFebruary 22, 2019 ago