In this video presentation, Rick Davis, a Senior Customer Engineer at Microsoft specializing in Cybersecurity, addresses the recent challenges and vulnerabilities affecting Public Key Infrastructure (PKI) and certificates. The talk delves into critical issues impacting both internal PKIs and public certificates, shedding light on their significance within the broader Active Directory ecosystem. Throughout the session, Rick classifies and rates the severity of these issues while offering insights into possible mitigations, defense strategies, monitoring, and alerting measures. Additionally, he explores alternatives and their feasibility for operational and security teams, guiding the audience through the complex landscape of PKI-related concerns.
With over 20 years of experience in the field, Rick Davis brings a wealth of expertise to the discussion. His diverse background spans roles in architecture, red teaming, and academia, where he has lectured on statistics, number theory, and cryptanalysis. Working closely with Microsoft’s global Incident Response team, Rick actively responds to major cybersecurity threats and ransomware outbreaks, solidifying his status as a subject matter expert on key technologies like PKI, Active Directory, and the Microsoft Defender ecosystem. Through this talk, attendees gain a comprehensive understanding of the current PKI landscape, enabling them to proactively safeguard their systems and respond effectively to potential cybersecurity events.