Using Logs to Investigate – SQL Injection Attack Example

Using Logs to Investigate – SQL Injection Attack Example

A log file is an extremely valuable piece of information that is provided by a server. Almost all servers, services, and applications provide some sort of logging. A log file records events and actions that take place during the run time of a service or... Read More → The post ... Read More
TLS Security 1: What Is SSL/TLS

TLS Security 1: What Is SSL/TLS

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic security protocols. They are used to make sure that network communication is secure. Their main goals are to provide data integrity and communication privacy. The SSL protocol was the first protocol designed for this purpose and TLS is its ... Read More
TLS Security 5: Establishing a TLS Connection

TLS Security 5: Establishing a TLS Connection

The process of establishing a secure SSL/TLS connection involves several steps. SSL/TLS security protocols use a combination of asymmetric and symmetric encryption. The client and the server must negotiate the algorithms used and exchange key information. For the purpose of explaining this complex process, we use a TLS 1.2 connection, ... Read More
TLS Security 4: SSL/TLS Certificates

TLS Security 4: SSL/TLS Certificates

When you communicate securely with a third party using data encryption, you usually want to be sure that they are who they say they are. For example, when you use an online bank or an e-commerce site and you send sensitive information, you want to be certain that this is ... Read More
TLS Security 3: SSL/TLS Terminology and Basics

TLS Security 3: SSL/TLS Terminology and Basics

To understand how Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols works, you must first understand certain basic concepts. The primary mechanism used by SSL/TLS is asymmetric encryption with cipher suites. These and related terms are explained below. Encryption Encryption is the process in which a human-readable message ... Read More
TLS Security 6: Examples of TLS Vulnerabilities and Attacks

TLS Security 6: Examples of TLS Vulnerabilities and Attacks

The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology. The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major ... Read More
TLS Security 2: A Brief History of SSL/TLS

TLS Security 2: A Brief History of SSL/TLS

The Secure Sockets Layer (SSL) protocol was first introduced by Netscape in 1994. The Internet was growing and there was a need for transport security for web browsers and for various TCP protocols. Version 1.0 of SSL was never released because it had serious security flaws. The first official release ... Read More