Resource Library

2024 saw a flurry of high profile incidents for public CA, which we named the Bugzilla Bloodbath. We look back to see how the WebPKI has changed as a consequence.

SCOTTSDALE, Ariz. – June 18, 2026 – Sectigo, a global leader in automated Certificate Lifecycle Management (CLM) and digital certificates, today announced it has been named the “Best Certificate Lifecycle Management (CLM) Platform” in The Hacker News Cybersecurity Stars Awards. The company has also firmly maintained its position as top CLM leader in the G2 Summer 2026 Grid Reports.

Resource-constrained devices may need to address PQC through real-time, seed-based, key generation. Unfortunately, this leaves the full key exposed very briefly in RAM. The potential consequences of this are far-reaching and scary. We go into the details.

Sam Jaques of the University of Waterloo returns to discuss his tracking of progress in quantum computers and offer a perspective on moving our PQC deadlines up to 2029.

An emerging attack against AIs is to create a significantly complex and recursive prompt that will occupy the AI indefinitely or for a sufficiently long time that it acts as a Denial-of-Service (DoS) attack. We describe how this works.

In the latest in our coverage of government versus encryption, the UK issued secret orders to Apple to give it a cryptographic backdoor to Apple's advanced data protection capability for iCloud. Apple responded by eliminating encryption entirely for UK users. We break it down.

TLS 1.3 is required to take advantage of post quantum cryptography (PQC) algorithms. Yes, we still see a lot of TLS 1.2 or earlier in deployment. We examine why this is the case and what to do about it.

Recent revelations about Mythos and its ability to expose vulnerabilities have forced us to rethink basic assumptions about cyber defense. In our "AI in 1000 Days" series, Jason Soroko and I examine the implications of these revelations three years from now.  This includes upping the overall pace of attack and changes to best practices in cyber security defense.

Anthropic has delayed its widespread release of Mythos to give major software providers a chance to close off the many vulnerabilities it has discovered. We dig into the vast implications of Mythos and other AI models for the future of cybersecurity.

SCOTTSDALE, Ariz. – June 2, 2026 – Sectigo, a global leader in automated Certificate Lifecycle Management (CLM) and digital certificates, today announced the general availability of the industry’s first globally available, production-ready, Model Context Protocol (MCP) Server for CLM. 

AI-powered, governed certificate automation via natural language, secure, scalable, and audit-ready.

Sectigo MCP Server datasheet outlines how organizations can connect AI agents to certificate operations with secure automation, full control, and zero infrastructure.

We discuss the possibility that our standardized ML-DSA keys turn out to be too short for true confidence, why that might occur, and the implications for private PKI certificates.

Sectigo MCP Server enables governed AI to automate certificate operations securely, turning insight into action at scale.

Sam Jaques joins us to explain his much-referenced chart mapping progress toward cryptographically relevant quantum computing (CRQC).

As certificate lifetimes shrink, the way organizations manage domain validation needs to evolve. Persistent DCV and expanded DNS connector support in Sectigo Certificate Manager are designed to make that transition manageable at any scale. 

We break down the phrase "Simplicity at Scale" to see what it means to us in the context of CAs and CLM.

A few years ago NIST proposed deadlines for PQC deployment at 2030 and 2035. But recent announcements from Google and Cloudflare suggest 2029 as a better deprecation target. We are joined by Dustin Moody to get the NIST perspective on these announcements.