Difference between revisions of "PSWEpisode641"

From Paul's Security Weekly
Jump to: navigation, search
(Tech Segment: Mark Cooper, PKI Solutions- 6:45PM-7:30PM)
Line 29: Line 29:
  
 
= Tech Segment: Mark Cooper, PKI Solutions- 6:45PM-7:30PM =
 
= Tech Segment: Mark Cooper, PKI Solutions- 6:45PM-7:30PM =
<!--[[File:JohnLoucaides.jpg|right|250px|thumb|<center>'''[https://twitter.com/JohnLoucaides John Loucaides]'''is the VP of Research & Development at [https://eclypsium.com/ Eclypsium].</center>]] -->
+
[[File:MarkCooper.jpg|right|250px|thumb|<center>'''[https://twitter.com/thepkiguy Mark Cooper]'''is the President & Founder at [https://www.pkisolutions.com/ PKI Solutions].</center>]] Mark B. Cooper, president and founder of PKI Solutions, is known as "The PKI Guy" since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI). PKI Solutions Inc. provides consulting, training — including online training — and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers’ identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.<br><br>'''Segment Topic:'''<br>How SHAKEN/STIR and PKI will end the global robocall problem<br><br>'''Segment Description:'''<br>There is a new ecosystem underway that will impact everyone, especially the irritated people in the U.S. who have received more than 48 billion robocalls last year. This new ecosystem will hopefully put an end to these annoying and fraudulent robocalls calls, which the Federal Communications Commission (FCC) estimates will constitute more than half of all phone calls placed in the U.S. this year. The FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile are behind a new, global technology standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing. This new standard addresses the issue of commercial robocallers who are impersonating other callers and committing fraud via Caller ID.<br><br>Public key infrastructure (PKI) is the backbone of the SHAKEN/STIR global technology standard. In order for the entire ecosystem to work, it needs to be created with a trusted PKI system as the base, using digital signatures in every single call, which are verified and authenticated.<br><br>'''Segment Resources:'''<br>
 +
* https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285
 +
* https://www.pkisolutions.com/shakenstir/
 
<br>
 
<br>
  

Revision as of 17:43, 5 February 2020

Recorded March 5, 2020 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor


  • Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.


    Interview: Sean Metcalf, Microsoft - 6:00-6:45PM


    Tech Segment: Mark Cooper, PKI Solutions- 6:45PM-7:30PM

    Mark Cooperis the President & Founder at PKI Solutions.
    Mark B. Cooper, president and founder of PKI Solutions, is known as "The PKI Guy" since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI). PKI Solutions Inc. provides consulting, training — including online training — and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers’ identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft's largest customers.

    Segment Topic:
    How SHAKEN/STIR and PKI will end the global robocall problem

    Segment Description:
    There is a new ecosystem underway that will impact everyone, especially the irritated people in the U.S. who have received more than 48 billion robocalls last year. This new ecosystem will hopefully put an end to these annoying and fraudulent robocalls calls, which the Federal Communications Commission (FCC) estimates will constitute more than half of all phone calls placed in the U.S. this year. The FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile are behind a new, global technology standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using ToKENs and Secure Telephony Identity Revisited) to combat robocalls and caller ID spoofing. This new standard addresses the issue of commercial robocallers who are impersonating other callers and committing fraud via Caller ID.

    Public key infrastructure (PKI) is the backbone of the SHAKEN/STIR global technology standard. In order for the entire ecosystem to work, it needs to be created with a trusted PKI system as the base, using digital signatures in every single call, which are verified and authenticated.

    Segment Resources:


    Security News - 7:30-8:30PM

    Paul's Stories

    Template:PSWPaul641

    Larry's Stories

    Lee's Stories


    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+