On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let’s Encrypt

Sponsored by: Thanks to Raygun! See every problem in your software and how to fix it. Reproduce issues with greater speed and accuracy. Try it free today!

Last week I wrote about how Life Is About to Get a Whole Lot Harder for Websites Without HTTPS. Somewhere in the comments there, the discussion went off on a tangent about commercial CAs, the threat Let’s Encrypt poses to them and subsequently, the value (or lack thereof) posed by

Continue reading On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let’s Encrypt

On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let’s Encrypt

Sponsored by: Matchlight by Terbium Labs: Know when your exact data appears on the dark web. Contact us for a demo today.

Last week I wrote about how Life Is About to Get a Whole Lot Harder for Websites Without HTTPS. Somewhere in the comments there, the discussion went off on a tangent about commercial CAs, the threat Let’s Encrypt poses to them and subsequently, the value (or lack thereof) posed by

Continue reading On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let’s Encrypt

Free Certs Come With a Cost

Leading certificate authority Let’s Encrypt is facing criticism that its rapid growth and eagerness to encrypt internet communications is happening at a cost. Continue reading Free Certs Come With a Cost

Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

Sponsored by: Matchlight by Terbium Labs: Know when your exact data appears on the dark web. Contact us for a demo today.

In case you haven’t noticed, we’re on a rapid march towards a “secure by default” web when it comes to protecting traffic. For example, back in Feb this year, 20% of the Alexa Top 1 Million sites were forcing the secure scheme:

HTTPS at 20%

These figures are from Scott Helme’s

Continue reading Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

Sponsored by: Matchlight by Terbium Labs: Know when your exact data appears on the dark web. Contact us for a demo today.

In case you haven’t noticed, we’re on a rapid march towards a “secure by default” web when it comes to protecting traffic. For example, back in Feb this year, 20% of the Alexa Top 1 Million sites were forcing the secure scheme:

HTTPS at 20%

These figures are from Scott Helme’s biannual report

Continue reading Life Is About to Get a Whole Lot Harder for Websites Without HTTPS

The World is Changing

The world is changing; it always has but the world is changing faster now than it ever has before. This general change is translating into even bigger changes in the cyber world. Some of the key areas that are evolving aren’t new, like availability or security. Others like automation are maturing quickly, and then there […]

The post The World is Changing appeared first on Radware Blog.

Continue reading The World is Changing

To stay secure: Four new SSL implementation thoughts

10 years ago, I left my position as the principal architect at a major U.S. financial institution. We developed the standards for how SSL was used inside the bank and their systems. Because of the weakness of ADC hardware at the time, we standardized on the “fastest and lightest” ciphers that would allow us to […]

The post To stay secure: Four new SSL implementation thoughts appeared first on Radware Blog.

Continue reading To stay secure: Four new SSL implementation thoughts

News – Enterprise Security Weekly #46

Stopping insider threats with machine learning, the importance of inspecting encrypted traffic, performance and security relations, and what to do if you’re SOC is overwhelmed with too many SEIM alerts. Full Show Notes http://traffic.libsyn.com/eswaudio/News4_-_Enterprise_Security_Weekly_46_converted.mp3 Continue reading News – Enterprise Security Weekly #46

Tiptoeing Through Vulnerabilities

I sympathize with developers who throw up their hands and say, “I don’t do security stuff.” No matter what you choose, there’s a trade off that could go wrong. It’s especially troublesome if one deploys a “security website.” I’ve deployed security education websites in many environments over the past 20 years, and I rarely achieve … Continue reading Tiptoeing Through Vulnerabilities Continue reading Tiptoeing Through Vulnerabilities