Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Website Security Solutions
Showing posts in English
FranRosch | 07 Aug 2012 | 0 comments

Last week the Certificate Authority / Browser Forum (CA/B) voted down a motion to extend a deadline for its members to sign an intellectual property rights agreement (IPR). Signing this agreement is mandatory to retain membership. Those who had not signed by August 1st are no longer members of the CA/B Forum. Entrust, CyberTrust (Verizon), and Research In Motion (RIM) are among the CAs who did not, or would not sign the IPR. They’re all out.

So what?

What’s so important about the IPR is that it enables CAs and browsers to work together as an industry to develop improved Internet security standards without infringing on any particular organization’s intellectual property rights.  This transparent, collaborative workgroup will help drive innovation to better secure data in transit over the Internet.

As a result of their inaction, the CA’s mentioned above will not have a role in forging a more secure future for...

AllenKelly | 01 Aug 2012 | 1 comment

Last month, a popular social networking site fell victim to one of the industry’s largest hacking attacks, losing more than 6.5 million user passwords—including 165,000 that were cracked and posted online. Shortly after, similar password breaches occurred at a popular dating site and a popular music site.

With hackers increasingly targeting social networking sites to gain sensitive user information, it’s becoming especially important for users to be cautious and mindful of their online behavior. Because chances are, the passwords that many people use to log in to their social networking accounts are the same ones they use to access other online accounts, including banking or other transactional sites.

Want to make sure your next social networking session is a safe one? Here are a few tips...

FranRosch | 02 Jul 2012 | 0 comments

Symantec has been a key driver in collaborative work with the CA/B Forum to develop a new set of baseline requirements for organization and domain validated SSL certificates. The CA/B Forum is an organization of leading Certification Authorities (CAs) and vendors of Internet browser software and other applications. The CA/B Baseline Requirements are documented in “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates v. 1.0”.

We are proud to announce that Symantec is adopting the new Baseline Requirements effective July 1st, 2012. 

The Baseline Requirements focus on providing clear standards for CAs on important topics including verification of identity, certificate content and profiles, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, privacy and confidentiality, and delegation (...

geoffnoakes | 06 Jun 2012 | 1 comment

I sat down today with Craig Spiezle, Executive Director of the Online Trust Alliance, at the Internet Retailer show in Chicago, to learn more about OTA’s Online Trust Honor Roll announcement.  This is the OTA's fourth annual Online Trust Honor Roll -- the report promotes for the adoption of best practices; it recognizes leaders, and it provides prescriptive advice to businesses and governments.  Symantec had made the OTA’s Online Trust Honor Roll 4 years in a row.  The report is located at

Among the changes in this year’s report:

  • Tools, methodology, and transparency: the OTA uses a number of publicly-available tools to capture and report on its best practices, and defines its methodology in the report,...
AllenKelly | 17 May 2012 | 0 comments

Author: Dean Coclin, Senior Director of Business Development at Symantec

Today, I had the opportunity to meet over a hundred talented developers at AnDevCon 2012 during my session on “Challenges in Code Signing and Key Security."

Android has quickly become one of the most popular operating systems for mobile devices. It’s amazing how this ecosystem has changed. Only 5 years ago, Symbian was the #1 smartphone OS in the world and now its market share has dwindled down to a much smaller number. Five years ago we were also carrying around our Palm Treo devices, a company that no longer even exists and their WebOS has been literally thrown away by HP, their new parent.

It’s been an interesting month in the Bay Area as tech giants Oracle and Google battled each other in court over whether Android contains unlicensed portions of Java™. But while the...

FranRosch | 09 May 2012 | 1 comment

We started Vision 2012, our technology summit, with a bang this year.  Yesterday, Symantec made two significant mobile authentication announcements: Code Signing (CS) for Android and Certificate Intelligence Center (CIC) for Mobile.  To set the stage for extending our solutions to mobile, let’s do a quick recap of the current mobile threat landscape.  

With the growing uptake in smartphones and tablets, and their increasing connectivity and capability, there has been a corresponding increase in activity by malicious attackers.  Symantec’s 2012 Internet Security Threat Report revealed that mobile vulnerabilities increased by 93 percent in 2011 while at the same time, a rise in threats targeting the Android operating system occurred.  The report also showed that 2011 was the first year that...

Teresa Wingfield | 30 Apr 2012 | 0 comments

If you are using self-signed SSL certificates for internal sites such as corporate email servers, human resource portals, wikis, software development sandboxes, etc. you’re probably doing so because you think you’re saving your company a ton of money by not purchasing certificates from a third-party Certificate Authority.  But, for a number of reasons, this probably isn’t true. 

Self-signed certificates cost more than most  implementers realize because the total cost of ownership (TCO) of an SSL certificate is far more than just the price of the certificate. From security hardware, to management software, to data center space and more, the costs of establishing a secure self-signing architecture can quickly add up.  And, a do-it-yourself approach to SSL security may put an organization at risk for costly security breaches and lost trust.

“The Hidden Costs of Self-Signed SSL Certificates” is a new white paper that...

AllenKelly | 24 Apr 2012 | 0 comments

To participate in the contest, start surfing the Internet to find the new Norton Secured Seal. 


Once you have located the new seal, tweet the following phrase to qualify for a daily drawing: “I spotted the Norton Secured Seal at (insert publicly-accessible URL) #SpotTheCheck” hash tag in less than 140 English characters.

Entrants will be entered into a random drawing each day for a seven day period to win a $100 gift card to 

Full contest rules are below.




FranRosch | 23 Apr 2012 | 1 comment

Today, the VeriSign seal got a new look and became the new Norton Secured Seal. 

One of the questions we get asked the most is why make this change to one of the most recognized trust marks on the Internet.  Our response, it just makes sense for us and for our customers.  By combining the power of the VeriSign checkmark with the industry’s most respected Norton brand, we are creating the most valued and highly visible security seal on the Internet.  Businesses will experience the same high security standards and protection that was delivered from the previous VeriSign seal.  The rigorous and proven authentication processes ensures their customers and information stays safe and secure.

The Value of a Trust Seal

The Norton Secured Seal is an indispensable tool and is valued by business customers for its proven ability to provide consumers a secure online experience while instilling confidence and trust in their...

AllenKelly | 17 Apr 2012 | 1 comment

Over the next few weeks, we’ll be making a change to the trust mark on your websites. We are combining the VeriSign Checkmark with the industry-leading Norton brand to create the Norton™ Secured Seal. By bringing together these two well-known and respected brands, the new seal will not only prove to your site visitors that the site is secure, but may also increase traffic, add click-throughs and provide higher visibility in search results. Even before the official launch, a U.S. online consumer study found high recognition of the Norton Secured Seal.

We developed the new Norton Secured Seal to provide our customers with increased visibility and transactions, and plan to make this transition as smooth and seamless as possible. We understand that for many of our customers, having...