A Journey of Root Inclusion in Major Browsers/Products

Identity management is a crucial aspect of cybersecurity, but much of the Identity and Access Management (IAM) industry has traditionally focused on human identities. Now, with businesses in the eye of the digital transformation storm, machines such as container workloads, web applications, mobile devices, chatbots, and IoT endpoints have outnumbered their human counterparts and are continuing to grow. A machine identity compromise causes just as much impact (or even more, considering the numbers) as a human identity compromise. Almost all of the recent exploits, ranging from the massive data breach in Equifax to the infamous SolarWinds hack, are all a result of machine identity compromise. Machine identities are made of X.509 certificates. Manual certificate management was never a good idea, but with the machine identity explosion, it becomes especially risky. In this session, we talk about how automating certificate lifecycle management can overcome the risk of machine identity compromise in an environment with millions of identities.