August 04, 2015
The HTTP protocol is finally getting its first major overhaul, bringing a number of improvements to managing the connections between servers and users.
June 19, 2015
News roundup: Details have emerged about weaknesses in OS X and iOS that allow attackers to upload malware and steal passwords and data. Plus: More jump on HTTPS bandwagon; CSO/CDO salaries increase; 23% of software app components contain flaws.
June 05, 2015
News roundup: New settings and options to boost user privacy and security are emerging on major websites, but is it enough?
April 29, 2015
As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them.
HTTP Get Started
Bring yourself up to speed with our introductory content
All companies must include three areas in their Exchange Server 2016 design blueprint -- servers and storage, availability groups and namespaces. Continue Reading
The recent Exchange 2013 cumulative update includes improved features for Public Folders and Exchange ActiveSync. Continue Reading
There are several flaws in IIS that can jeopardize the security of Windows servers. Here are some of the top threats and how to solve them. Continue Reading
Evaluate HTTP Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The cyberthreat landscape grows more dangerous by the day. Harvey Koeppel offers a 12-point cybersecurity checklist for CIOs. Continue Reading
Learn about the new and improved security features in the upcoming Microsoft Edge browser, including on-by-default sandboxes, Passport and HTML5. Continue Reading
Expert Michael Cobb explains how an HTTP referer header affects user privacy and outlines changes that can be made to ensure sensitive data is not leaked. Continue Reading
Learn to apply best practices and optimize your operations.
Enterprise architects don't have to leave SOA principles behind when they develop mobile applications. Granted, the way SOA is applied may change, but it remains useful.
In this handbook, contributor George Lawton and consultant Tom Nolle present mobile SOA success stories and further potential uses for SOA in mobile development. Lawton opens with an article on how SOA principles can be used to address mobile problems. Next, Lawton discovers how one company used caching services to improve mobile application performance. Nolle closes with an article on using SOA principles to design mobile contextual apps. Continue Reading
Whether it is obvious in an organization or not, API testing exists. Learn why API testing is necessary in the application world. Continue Reading
After the discovery that the FREAK vulnerability can affect a wide variety of OSes, enterprises should amp up mitigation efforts. Here's some background on the attack and how to stop it. Continue Reading
Problem Solve HTTP Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols have long been the cornerstone of Web application security, and the whole process finds its root (quite literally) in a system of signed certificates. The trouble is this security system has turned into a vulnerability. Too often an enterprise possesses a hodgepodge of signed certificates from various Certificate Authorities (CAs) that are thrown into the directories of protected services, and then often forgotten until they expire. Worse yet, recently hackers have managed to create fake certificates. CAs -- once a seemingly effective answer to ensuring Web security -- are now providing an attack surface for hackers to take advantage of.
This technical guide surveys the CA landscape, opening with a field report on the latest CA security issue, the problem of fake certificates. To help explain the nature of this threat, our second chapter delves into the certificate system, current problems with it, and what enterprise IT staff can do. This guide’s closing chapter examines industry efforts to cope with the threat: TLS 1.3. Through this guide, IT professionals, and especially those concerned with network security, will learn the latest about TLS/SSL security. Continue Reading
I'm migrating Exchange 2010 mailboxes to Exchange 2013. How will Outlook clients know the mailboxes moved after the migration? Continue Reading
Desired State Configuration is a powerful tool, but doesn't yet include many built-in resources. Learn how to find more and expand your repertoire. Continue Reading