Security Advanced

What is PKI (Public Key Infrastructure)?

A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.

PKI enables secure communication through digital certificates that bind public keys to identities. Certificate Authorities (CAs) issue certificates, Registration Authorities verify identities, and Certificate Revocation Lists (CRLs) track revoked certificates.

PKI underpins HTTPS, email encryption (S/MIME), code signing, VPNs, and document signing. Enterprise PKI manages internal certificates for servers, users, and devices. Let's Encrypt democratized PKI by offering free, automated DV certificates.

Learn More About This Topic

Windows PKI & Certificates

Related reading

SOC Analyst Fundamentals

Related reading

SOC Analyst Advanced: Incident Response & Forensics

Related reading

Related Terms

A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.

Content Security Policy (CSP)

An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.

Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

Security Headers

HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.

Principle of Least Privilege

A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.

View All Security Terms →