Видео

Unfortunately not, this is for username and password authentication. For a more secure authentication we recommend using certificates issued by your MDM ruclips.net/video/LV6gN15QWLI/видео.html

Hi, yes there is, you must create a profile for the iPhone, www.keytos.io/docs/cloud-radius/setup-radius-in-mdm/in-device/#how-to-configure-eap-ttlspap-on-macos-for-radius-authentication-with-entra-id-passwords

Thanks for the feedback, we have updated the title to match the content

yes, this is only for Microsoft 365 work accounts

Yes, you can try it for free no credit card required www.keytos.io/docs/azure-pki/getting-started/registering-a-new-tenant/selecting-a-plan/select_plan_in_ezca/ We use our own in house built Certificate Authority as our backend this was built to be cloud native allowing us to scale faster while being more affordable.

you saved me from tons of hours of investigation, pretty appreciated. cheers man

As i said on the other channel of this guy (for whatever reason he has 2 of them). Attacker needs to be in range of your wifi card. The malicious packet is sent to the device itself. If you are not connect anywhere you are still vulnereable

​@@igorkottm40 Okay, first off, you have to be using your laptop per se if you're out in public. Not connected to a Wi-Fi. If you put your laptop to sleep, it's not sending or receiving packets anymore. Unless you are connected to a Wi-Fi. The only way that somebody could be in proximity to you without you being connected to a wireless network is if you are using your machine, out in public, willy-nilly without an internet connection, and who does that?

You are correct, they are different, but the underlying technology is the same for both

They do use lava lamps for some of their random generators, but for most encryption they use the regular random generators that are approved by the industry www.cloudflare.com/learning/ssl/lava-lamp-encryption/

It is not better, they are both great tools for checking revocation, one offloads the search to the server and the other to the device. Most devices use CRL but for devices or networks that cannot handle large CRLs, OCSP is a great option.

Glad it was helpful!

thanks for the feedback we will make sure to change it in our next videos

thanks for the feedback we will make sure to change it in our next videos

you can always check our www.keytos.io/careers page for the latest job postings

you should be able to create a test subscription by clicking skip for now. It is only free for a month, after the first month it is $200 per CA per month and can be charged either to your credit card or to your Azure account.

Sorry about that, here is the presentation with all the information marketing.keytos.io/hubfs/Presentations/Cybersecurity%20Trends%20for%202024.pdf

Hi thanks for your comment - while the experience seems simple, what happens in the backend is more complex; we talk about it at 4:30, but the gist is that each request has an encrypted password that is set by the MDM and EZCA (Intune sets their own, some MDM solutions only support a static password that is encrypted with the CA public key meaning that the CA is the only one that can access it, and some support dynamic challenge requests meaning that each specific request has it's own password set by the CA (this one is also encrypted), if you are interested, we have a full deep dive on how SCEP works in this video ruclips.net/video/da6LrQJcSgs/видео.html please let us know if you have other questions

Glad we could help:)

yes, anyone with an Azure account can create those resources and create pages. This is why we recommend all organizations to verify that they do not have any dangling DNS that can be exploited.

Hi Currently, EZCA only supports CRL. OCSP support is coming by end of Q3 2023

We are happy to announce that now you can setup your EZCA ca with OCSP docs.keytos.io/azure-pki/creating-your-first-ca/first_subordinate_ca/#ocsp-online-certificate-status-protocol-settings