Microsoft has publicly stated that it will hand over Bitlocker keys to US law enforcement agencies without requiring a subpoena or court order.
Jason Soroko
Fellow
Jason has 20 years of experience researching, innovating, educating markets, developing intellectual property, and contributing to national-level guidance and consortium standards. He works closely with enterprise companies daily to synthesize managed PKI security solutions that meet real-world operational needs.
Jason Soroko is a seasoned security technology innovator and Senior Fellow at Sectigo, where he leads customer-facing engagements, drives research, and spearheads strategic initiatives at both organizational and national levels. He also contributes to the development of intellectual property and consortium standards. As co-host of the award-winning “Root Causes” podcast, Jason educates professionals on the latest trends in PKI and cybersecurity twice a week. His core strength is bridging cutting-edge security methods with real-world operational needs, ensuring that businesses are equipped with practical, forward-thinking solutions.
Recent posts by Jason Soroko
We usually think of Certificate Lifecycle Management (CLM) as a security category. But we could equally well call it an operations category that enables uptime.
We introduce the concept of a "digital parasite," explaining why this attack philosophy appears to be on the rise.
In a recent blog post Google made five recommendations for policy makers.
CISA (Cybersecurity and Infrastructure Security Agency) has released new guidance about post-quantum cryptography in critical infrastructure, including some sobering warnings.
CAA records exist to restrict issuing CAs for a given domain to as few as one CA. But what happens when the CAA record outlives the CA?
Chrome's deadline for deprecation of the clientAuth EKU and mTLS in public certificates has moved out. We give you the what, when, and why.
Root Causes PodcastRoot Causes 589: Is a Cryptographically Relevant Quantum Computer Economically Viable?
We recently heard the argument that it's simply too expensive to develop a cryptographically relevant quantum computer. We vehemently disagree. In this episode we explain why.
The transition to PQC is not just a change in cryptographic algorithms but also a fundamental shift in how we treat our cryptography. From here on out, IT systems need to be fundamentally crypto agile as never before.