The Added Value of SNI-Only Mode in Imperva Cloud WAF

Imperva has modified the default behavior for new cloud WAF sites, now enforcing Server Name Indication (SNI)-only traffic by default. This shift is aimed at optimizing the utilization of TLS-related features, both ...

Why API Gateways are Critical for Cloud Security

What is an API gateway? APIs are an important part of the information economy, allowing applications to communicate with each other, and sharing functionality and data. An API gateway is middleware that ...
Security Boulevard
Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT

Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious ...
PolarProxy in Windows Sandbox

In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from ...
Best of 2021 – Chrome to Enforce HTTPS Web Protocol (Like It or Not)

What a difference an ‘s’ makes. This seemingly unimportant change could have a big—if unseen—impact ...

Top 6 Questions to Ask When Selecting SSL Protection Solutions

There is no one-size-fits-all solution for SSL protection. Each organization has its own unique priorities, business needs, sensitivities, and privacy needs. The post Top 6 Questions to Ask When Selecting SSL Protection ...
Secure Developer Challenge May 2021

Thanks to everyone who submitted to the Secure Developer Challenge for May 2021! For this month’s challenge (https://go.shiftleft.io/developer-challenge-05-2021), we asked you to identify which of these statements about HTTP security headers are false: The correct answer ...
Chrome HTTPS Update: Chrome 90 to Use HTTPS for Incomplete URLs

Google Chrome version 90 will default to HTTPS for incomplete URLs. For example, Chrome will load “https://domain.com” when a user types “domain.com.” (And if the HTTPS fails because a site... The post ...

Fileless Malware, Endpoint Attacks on the Rise

Cybercriminals are increasingly leveraging fileless malware, cryptominers and encrypted attacks, targeting users both at remote locations as well as corporate assets behind the traditional network perimeter. These were among the findings of ...
Getting the most out of your NIDS

By Jon Natkins, Product Manager, Corelight. Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...