HTTPS
The Added Value of SNI-Only Mode in Imperva Cloud WAF
Imperva has modified the default behavior for new cloud WAF sites, now enforcing Server Name Indication (SNI)-only traffic by default. This shift is aimed at optimizing the utilization of TLS-related features, both ...
Why API Gateways are Critical for Cloud Security
What is an API gateway? APIs are an important part of the information economy, allowing applications to communicate with each other, and sharing functionality and data. An API gateway is middleware that ...
Russia Force-Feeds new, ‘Trusted’ CA—Yeah, RIGHT
Websites in Russia can’t renew their TLS/HTTPS certs. Moscow’s solution is to create a new certificate authority. But the man-in-the-middle threat should be obvious ...
PolarProxy in Windows Sandbox
In this video I demonstrate how PolarProxy can be run in a Windows Sandbox to intercept and decrypt outgoing TLS communication. This setup can be used to inspect otherwise encrypted traffic from ...
Best of 2021 – Chrome to Enforce HTTPS Web Protocol (Like It or Not)
What a difference an ‘s’ makes. This seemingly unimportant change could have a big—if unseen—impact ...
Top 6 Questions to Ask When Selecting SSL Protection Solutions
There is no one-size-fits-all solution for SSL protection. Each organization has its own unique priorities, business needs, sensitivities, and privacy needs.
Secure Developer Challenge May 2021
Thanks to everyone who submitted to the Secure Developer Challenge for May 2021! For this month’s challenge (https://go.shiftleft.io/developer-challenge-05-2021), we asked you to identify which of these statements about HTTP security headers are false: The correct answer ...
Chrome HTTPS Update: Chrome 90 to Use HTTPS for Incomplete URLs
Google Chrome version 90 will default to HTTPS for incomplete URLs. For example, Chrome will load “https://domain.com” when a user types “domain.com.” (And if the HTTPS fails because a site...
Fileless Malware, Endpoint Attacks on the Rise
Cybercriminals are increasingly leveraging fileless malware, cryptominers and encrypted attacks, targeting users both at remote locations as well as corporate assets behind the traditional network perimeter. These were among the findings of ...
Getting the most out of your NIDS
By Jon Natkins, Product Manager, Corelight. Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...