Security current events, PKI risk, identity threats, and enterprise cybersecurity explained for the people who operate real systems.
InsecurePlanet exists to give enterprise security practitioners clear, accurate, and actionable intelligence on the threats and vulnerabilities that affect the systems they are responsible for — without the noise, vendor agenda, or sensationalism that makes most security content hard to use.
The original premise of InsecurePlanet was straightforward: the more technologically advanced society becomes, the more vulnerable it becomes. Modern networks now manage and control critical infrastructure — power grids, water systems, transportation, healthcare, financial systems, and the communications infrastructure that ties everything together.
That premise has not changed. What has changed is where the most consequential security failures are happening. Today, the most damaging enterprise compromises run through identity infrastructure — Active Directory, certificate services, authentication systems — not through perimeter breaches. Ransomware operators, nation-state actors, and opportunistic attackers have all converged on the same target: the systems that control who and what is trusted inside an organization.
InsecurePlanet focuses on that intersection — the security of the infrastructure that enterprise organizations depend on to establish and enforce trust. PKI, ADCS, identity, and the current events that affect them. Explained clearly, without exaggeration, for the people who have to act on the information.
Every article is written by someone who has deployed, administered, or broken the systems being discussed — not by generalist security writers working from press releases.
InsecurePlanet is not affiliated with any security vendor, tooling company, or managed security provider. Recommendations are based on what works in production environments.
We cover a focused set of topics with the depth they deserve. We do not publish generic security content to fill a content calendar.
Every article includes specific, prioritized actions. Understanding a threat is only useful if it leads to a decision. We write for people who need to act, not just read.
Four interconnected areas where enterprise security risk is highest and where clear, current intelligence makes the most practical difference.
Practitioners responsible for securing Active Directory, certificate infrastructure, and identity systems in large organizations.
Professionals managing ADCS, certificate templates, CA hierarchies, and certificate lifecycle in Windows environments.
Systems administrators who operate domain controllers, CA servers, and the infrastructure that certificate security depends on.
Teams responsible for Azure AD, hybrid identity, conditional access, and authentication policy in enterprise environments.
Security managers, CISOs, and compliance professionals who need clear, accurate intelligence without vendor noise.
Any organization that needs practical, actionable cybersecurity guidance grounded in real-world enterprise experience.

Richard Sepulveda created InsecurePlanet.com to provide practical cybersecurity insight for people responsible for operating, securing, and defending real enterprise systems. The site focuses on security current events, exploited vulnerabilities, PKI, digital certificates, Microsoft ADCS, identity security, Zero Trust, and enterprise infrastructure risk.
The original InsecurePlanet documented the broad landscape of global security threats — the ways that technological dependence creates systemic vulnerability across critical infrastructure, from power grids and water systems to transportation networks and medical devices. That foundational perspective — that security is a systems problem, not just a technical one — still informs how InsecurePlanet approaches coverage today.
The modern InsecurePlanet focuses that lens on the enterprise security domain where the most consequential failures are currently happening: Active Directory, PKI, certificate services, and identity infrastructure. The goal has not changed since the site was founded — give security practitioners the information they need to make better decisions about the systems they are responsible for protecting.
Contact InsecurePlanet to suggest a topic, ask a question, or inquire about PKI and enterprise cybersecurity advisory services.
Contact InsecurePlanetWeekly PKI and ADCS intelligence — CISA KEV updates, Patch Tuesday coverage, and new articles. Free, no spam.
Subscribe freeADCS Security Checklist — ESC1–ESC13 remediation, CA hardening, and enrollment endpoint security in one document.
Download freeADCS health check, PKI architecture review, or incident response — scoped to fit your environment.
View servicesIf you have a question about something covered on InsecurePlanet, a correction to submit, a topic you would like to see covered, or an inquiry about advisory services — use the contact form. We read every message and respond to substantive inquiries.