In PKI, certificate lifespans have always been a balancing act between security and operational simplicity. The industry standard has preferred longer-lived certificates valid for one year, and sometimes even for two to three years. Longer-lived certificates require fewer renewals and fewer touchpoints, which means reduced human error. But in recent years, a new approach has […] The post Short-Lived Certificates: Worth the Hype or Operational Headache? appeared first on SecureW2.| SecureW2
In order to successfully configure a WPA2-Enterprise network, a RADIUS server is a must. The RADIUS authorizes and authenticates users signing into the network and eliminates any speculation into who is using your network. A properly configured RADIUS server can garner your organization tremendous advantages in regards to network security. However, many network security professionals […] The post How to Create a Cloud-Based RADIUS Server appeared first on SecureW2.| SecureW2
Trust rules how the world works. It’s the foundation of personal relationships, how we choose who to do business with, and how we grant people (and now non-human identities) access to critical systems and information. Despite how important it is, there is a shockingly low amount of education around trust. What does it actually mean? […] The post JoinNow 8.0: Adaptive Defense, ACME for Server Certs, and More! appeared first on SecureW2.| SecureW2
Certificates are far superior to credentials and mitigate many of the vulnerabilities associated with pre-shared keys. They enhance the user experience by facilitating network access and removing password-related friction induced by password reset and complexity policies. Certificates also grant identity context by associating identities with devices, allowing administrators to decode SSL encryption and monitor device […] The post Configure Google SCEP Certificate Automatic Enrollment Profi...| SecureW2
Discover how to overcome hurdles in passwordless adoption with PKI, Cloud RADIUS, and adaptive authentication.| SecureW2
Learn why EAP-TLS prevents over-the-air credential theft, improves authentication speed, and how to set it up.| SecureW2
It’s widely held knowledge that using a single factor for authentication to wireless networks is less than secure and easily exploited by hackers. According to IBM’s X-Force Threat Intelligence Index, 35% of exploitation activity involves Man-in-the-Middle Attacks which easily bypass ... Read More| SecureW2
An overview of man-in-the-middle (MITM) attacks: what they are, how they work, the damage they can do, and why passwords won't stop them.| SecureW2
DNS poisoning attacks are much more common than you think and could wreak havoc. Explore ways to protect your network here.| SecureW2
RADIUS CBA deploys digital certificates for passwordless authentication. Learn to set up a RADIUS for CBA for better network security.| SecureW2
In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote code execution in on‑premises SharePoint by chaining a spoofed Referer ... Read More The post When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit appeared first on SecureW2.| SecureW2
Generative AI (GenAI) tools such as ChatGPT, Claude, and GitHub Copilot have become integral to the workplace and are used by employees as productivity tools. Banning new tech doesn’t work; it drives adoption underground and fuels shadow IT. The genuine ... Read More The post How To: Enabling Safe GenAI Access on Unmanaged Devices and Corporate Wi-Fi appeared first on SecureW2.| SecureW2
The security landscape is profoundly transforming as AI and cloud-native technologies reshape organizations’ operations. Today, infrastructure consists of identity-less components such as containers, serverless functions, and ephemeral compute instances that simply run without logging in as traditional users do. Alongside ... Read More The post Securing Identity-less Infrastructure and Userless Agents appeared first on SecureW2.| SecureW2
“A ransomware attack on the group’s IT systems had such a devastating impact that the group concluded it could not continue to trade,” – BBC KNP Logistics (formerly known as Knights of Old), one of the UK’s largest privately owned ... Read More The post The Password That Collapsed a Company: What We Can Learn from the KNP Logistics Ransomware Attack appeared first on SecureW2.| SecureW2
Even the DoD Knows the Perimeter is Dead “There is no such thing as a secure system.” —Lisa Porter, Former Deputy Undersecretary of Defense for Research and Engineering The U.S. Department of Defense openly admits it no longer trusts its ... Read More The post The DoD Just Confirmed What We’ve Been Saying All Along: Trust Must Be Earned appeared first on SecureW2.| SecureW2
Discover the critical differences between traditional MITM and sophisticated AITM attacks that bypass MFA and CBA is the ultimate defense.| SecureW2
RADIUS over TLS, also known as RadSec, enhances roaming services like Eduroam by providing stronger encryption than the standard Remote Access Dial-In Service (RADIUS) protocol. RADIUS in Eduroam utilizes the User Datagram Protocol (UDP), which lacks built-in encryption, when sending ... Read More| SecureW2
Third-Party CAs allow you to automate the entire certificate lifecycle for your Intune-Managed Devices using a SCEP Profile and an OAuth API.| SecureW2
Simplify certificate enrollment with our guide on fixing SCEP errors like Pending Requests and Invalid Certs. Learn troubleshooting tips to enhance security.| SecureW2
Looking to automate certificate enrollment? Discover how SCEP helps you enroll certificates on managed devices without end-user interaction.| SecureW2
Learn about Certificate Authorities, their role in secure online communications, and how they help manage digital certificates for Wi-Fi, VPN, and more.| SecureW2
You’re not alone if you have ever hit “Push” on the Simple Certificate Enrollment Protocol (SCEP) profile in your Mobile Device Management (MDM) only to find that nothing immediately happens. It’s a frustrating experience, especially when everything seems correctly configured. ... Read More| SecureW2
World-Class PKI Services, #1 Rated Onboarding Software & RADIUS Services to provide the next-generation of passwordless security.| SecureW2
EAP-TTLS/PAP provides no encryption as credentials are transmitted in cleartext, making them vulnerable. Discover more on EAP-TLS for superior network encryption| SecureW2