Web security tools and best practices
Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.
Go Now: Malware Protection Best Practices
Should security teams clean up the malware and move on or format the hard drives to start over with a clean system? In this expert guide, security pros weigh in on how antimalware protects the enterprise.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
Web security tools and best practices News
-
July 20, 2017
20
Jul'17
Industry reacts to Symantec certificate authority trust remediation
As the Symantec certificate authority scrambles to transition its certificate-issuance operations to a subordinate certificate authority, the CA industry sharpens its knives.
-
July 19, 2017
19
Jul'17
Symantec agrees to transfer certificate issuance to third party
Symantec has agreed to a plan that would transfer its certificate issuance and validation operations to as-yet-unnamed third-party partner starting Dec. 1.
-
July 13, 2017
13
Jul'17
Symantec certificate authority business reportedly for sale
As Google and Mozilla prepare plans to reduce trust for Symantec's certificate authority, the antivirus vendor is reported to be seeking a buyer for its web certificate business.
-
July 10, 2017
10
Jul'17
WoSign CA certificates get end-of-trust date in Chrome
Google to distrust all WoSign CA certificates in Chrome starting in September, as the troubled certificate authority passed a key audit and is seeking a new CEO to help return trust.
Web security tools and best practices Get Started
Bring yourself up to speed with our introductory content
-
distributed denial of service (DDoS) attack
A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks. Continue Reading
-
Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet. Continue Reading
-
How can an HTTPS session get hijacked with the Forbidden attack?
An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites. Continue Reading
Evaluate Web security tools and best practices Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Health information privacy threatened in race for marketing data
The recent repeal of broadband privacy rules may affect how consumers' health information is used for marketing and advertising purposes. Continue Reading
-
Timeline: Symantec certificate authority improprieties
Timeline: Follow along as Google and Mozilla raise issues with Symantec certificate authority actions, and then attempt to return trust to the CA giant. Continue Reading
-
Same-origin policy: How did Adobe Flash Player's implementation fail?
The same-origin security feature in Adobe Flash Player was implemented incorrectly, allowing local attackers to spy on users. Expert Michael Cobb explains how this flaw occurred. Continue Reading
Manage Web security tools and best practices
Learn to apply best practices and optimize your operations.
-
Are browsers using the HTTP/2 protocol vulnerable to HEIST attacks?
HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it. Continue Reading
-
Resolve web security issues with advice from industry experts
Web security issues begin at the web app development stage, but there are ways security pros and developers can collaborate to boost security without sacrificing app performance. Continue Reading
-
Recent SSL attacks: How to protect your organization
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated. Continue Reading
Problem Solve Web security tools and best practices Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How are forged cookies used in attacks on online user accounts?
Yahoo claimed a vulnerability in its email service enabled attackers to use forged cookies to gain access to user accounts. Expert Michael Cobb explains how these cookies are used. Continue Reading
-
How to detect preinstalled malware in custom servers
Preinstalled malware was reportedly found by Apple in its custom servers. Expert Nick Lewis explains how enterprises can protect themselves from encountering similar issues. Continue Reading
-
Ticketbleed flaw: How can SSL session identities be protected?
The Ticketbleed flaw in F5 Networks' BIG-IP appliances leaks uninitialized memory and SSL session identities. Expert Michael Cobb explains how enterprises can mitigate it. Continue Reading