Name: Modern HTTPS deployments
Start: 2018-02-23T11:00:00+0000
End: 2018-02-23T12:30:00+0000

Modern HTTPS deployments

HTTPS and SSL/TLS have been under fire for years. In this session, we explore the impact of several attacks. We also discuss several new browser defenses to mitigate these attacks.

Abstract
HTTPS/SSL/TLS has been under fire for years. FREAK, POODLE, BEAST, and CRIME represent practical cryptographic attacks. Add to that an inherently weak CA system, and you end up with a large number of insecure HTTPS deployments.

However, recent browser-based defenses significantly improve the security properties of HTTPS. This session dives deep into the security properties of the HTTPS protocol. We explore problems with legacy features and their impact. And most important, we will talk about modern defenses to improve your HTTPS deployment. You will walk away with a set of best practices to offer your users the most secure HTTPS experience possible.

This session is intended for anyone working on network-based applications

Speakers

Jim Manico

Founder, Manicode Security

Jim Manico is the Founder of Manicode Security, a company dedicated to providing expert training in secure coding and security engineering to software developers. His work at Manicode Security reflects his deep commitment to elevating software security standards in the industry. In... Read More →

13. HTTPS MODULE 8 31 2017 pdf

Friday February 23, 2018 11:00 - 12:30 GMT
Room: Lemaire

Web

SecAppDev 2018

Jim Manico

Attendees (16)

SecAppDev 2018

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Jim Manico

Attendees (16)