• Always-On SSL

    Always-On SSL is an approach to securing your website to mitigate attacks against your users. When I think of Always-On SSL, I think of three concepts: SSL across your entire site, SSL deployed to the best practices, and SSL with leading technology. SSL across Your Entire Site The approach to Always-On SSL is to avoid hijacking of the sessions with

        in EV SSL, SSL, SSL Deployment
    0
  • SSL – Privacy, Integrity, Authenticity

    I was recently reminded by a couple of security researchers that SSL provides privacy, integrity and authenticity.

        in SSL, SSL Deployment
    0
  • Testing Your SSL Server for CRIME

    We still have to wait for later this week when Juliano Rizzo and Thai Duong will present their CRIME SSL/TLS attack at Ekoparty Security Conference. Regardless, we now know that the attack is based on the implementation of TLS compression or SPDY (pronounced “speedy”). CRIME uses the vulnerability that there is information leakage when data is compressed prior to encryption.

        in Secure Browsing, SSL, SSL Deployment
    0
  • SSL/TLS Deployment Best Practices

    SSL Labs has created an SSL/TLS Deployment Best Practices guide. The guide contains valuable information on how to deploy SSL in your environment. The data from SSL Pulse shows us there are plenty of SSL implementations that could be executed more securely. These problems are not from the CA, the certificate, the browser or the server. These problems are from

        in SSL Deployment
    0
  • Testing Your SSL Server for CRIME

    We still have to wait for later this week when Juliano Rizzo and Thai Duong will present their CRIME SSL/TLS attack at Ekoparty Security Conference. Regardless, we now know that the attack is based on the implementation of TLS compression or SPDY (pronounced “speedy”). CRIME uses the vulnerability that there is information leakage when data is compressed prior to encryption.

        in Secure Browsing, SSL, SSL Deployment
    0
  • SSL/TLS Deployment Best Practices

    SSL Labs has created an SSL/TLS Deployment Best Practices guide. The guide contains valuable information on how to deploy SSL in your environment. The data from SSL Pulse shows us there are plenty of SSL implementations that could be executed more securely. These problems are not from the CA, the certificate, the browser or the server. These problems are from

        in SSL Deployment
    0
Page 1 of 212