Security Advanced

What is PKI (Public Key Infrastructure)?

A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.

PKI enables secure communication through digital certificates that bind public keys to identities. Certificate Authorities (CAs) issue certificates, Registration Authorities verify identities, and Certificate Revocation Lists (CRLs) track revoked certificates.

PKI underpins HTTPS, email encryption (S/MIME), code signing, VPNs, and document signing. Enterprise PKI manages internal certificates for servers, users, and devices. Let's Encrypt democratized PKI by offering free, automated DV certificates.

Related Terms

Supply Chain Attack

A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.

Vulnerability Scanning

Automated testing that identifies known security weaknesses in systems, applications, and network infrastructure.

CORS (Cross-Origin Resource Sharing)

A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.

SIEM (Security Information and Event Management)

A platform that collects, correlates, and analyzes security events from across an organization to detect threats and incidents.

A social engineering attack that uses fraudulent communications to trick people into revealing sensitive information or installing malware.

Penetration Testing

An authorized simulated cyberattack on a system to evaluate its security defenses and identify vulnerabilities.

View All Security Terms →