Security Advanced

What is PKI (Public Key Infrastructure)?

A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.

PKI enables secure communication through digital certificates that bind public keys to identities. Certificate Authorities (CAs) issue certificates, Registration Authorities verify identities, and Certificate Revocation Lists (CRLs) track revoked certificates.

PKI underpins HTTPS, email encryption (S/MIME), code signing, VPNs, and document signing. Enterprise PKI manages internal certificates for servers, users, and devices. Let's Encrypt democratized PKI by offering free, automated DV certificates.

Learn More About This Topic

Windows PKI & Certificates

Related reading

SOC Analyst Fundamentals

Related reading

SOC Analyst Advanced: Incident Response & Forensics

Related reading

Related Terms

Secret Management

The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.

Security Hardening

The process of reducing a system's attack surface by disabling unnecessary services, applying patches, and configuring security controls.

A systematic examination of an information system to assess compliance with security policies, identify vulnerabilities, and verify controls.

A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.

A one-way function that converts input data into a fixed-size string of characters, used for data integrity and password storage.

Certificate Pinning

A security technique that associates a host with its expected TLS certificate or public key, preventing man-in-the-middle attacks with fraudulent certificates.

View All Security Terms →