By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Web security tools and best practices News
April 25, 2017
Google and Mozilla weigh the proper response to Symantec certificate authority issues, as the CA giant prepares an alternative proposal for reinstating trust.
March 23, 2017
Research shows DV certificates can be a prime target for phishing and malware operators, but experts are unsure how certificate authorities should deal with the issue.
February 24, 2017
The Cloudflare bug in CDN is fixed after causing sensitive customer data to leak. Google Project Zero discovered the flaw, and users were warned to change passwords.
January 26, 2017
Researchers found the infamous Heartbleed bug is still unpatched on as many as 200,000 services connected to the internet and experts don't expect that number to change.
Web security tools and best practices Get Started
Bring yourself up to speed with our introductory content
A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks. Continue Reading
Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet. Continue Reading
An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites. Continue Reading
Evaluate Web security tools and best practices Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The CryptXXX ransomware has been spreading through compromised legitimate websites that redirect to malicious sites. Expert Nick Lewis explains how this happens with WordPress. Continue Reading
In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important. Continue Reading
Secure web apps are essential to business. Everyday interactions rely on them, which means security flaws in apps have serious ramifications for enterprises. Most studies conclude that more than half of web applications have critical security ... Continue Reading
Manage Web security tools and best practices
Learn to apply best practices and optimize your operations.
HEIST, a new HTTP/2 protocol exploit, can steal encrypted content from HTTPS traffic. Expert Michael Cobb explains how this attack works and how to stop it. Continue Reading
Web security issues begin at the web app development stage, but there are ways security pros and developers can collaborate to boost security without sacrificing app performance. Continue Reading
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated. Continue Reading
Problem Solve Web security tools and best practices Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The Ticketbleed bug in some F5 Networks products caused session IDs and uninitialized memory to leak. Expert Judith Myerson explains what a session ID is and how attackers use it. Continue Reading
The Nemucod downloader malware is being spread through Facebook Messenger disguised as an image file. Expert Nick Lewis explains the available protections against this attack. Continue Reading
Microsoft won't patch certain ASLR bypass flaws, but enterprises still need to protect against them. Expert Nick Lewis explains the threat and how to avoid it. Continue Reading