Machines have identities, too

Over 50 percent of internet traffic now comprises API calls: so, shouldn’t we think harder about machine identity?

17 August 2020 . 0:34:22

Show Notes for Series 02 Episode 03

The headlines are often full of how organizations’ priceless data and intellectual property has been hacked by bad actors impersonating individuals. But what about machines being spoofed? How do you know that your e-commerce payment provider’s servers are what they claim to be? When your API calls get re-routed behind the scenes, your company’s data — and therefore its livelihood — are at stake.

This episode of the Tech Means Business podcast looks at the changing shape of our concepts of identity. In a technology world that’s dominated by machine-to-machine interactions, how can we be sure that the people or devices online are who, or what, they claim to be? We’re joined by Kevin Bocek, the VP of Security Strategy & Threat Intelligence at Venafi, to talk these issues through.

A skilled cryptographer by trade (but not much of a programmer — by his own admission), Kevin shares his knowledge of certificates, authenticity, machine handshakes and much more besides. Whether you’re signing code, needing to test the veracity of a website, or looking to prevent your connected business from cyber incursions, machine identity proof is now a central part of cybersec.

If your organization uses APIs, SSH, CAs or HTTPS (other acronyms are available), this episode of the Tech Means Business podcast is essential listening. Fascinating stuff!

All things machine identity-related:


Kevin’s potted biography right here:


And please connect with your host via LinkedIn (allegedly, but do check your DNS cache):