September 09, 2016
Google's campaign to encrypt the web continues, as Chrome browser security will flag any sites using HTTP for passwords or payment info as insecure, starting in 2017.
August 16, 2016
Fidelis Cybersecurity reports notorious Vawtrak banking Trojan gets upgrades to increase security and evade detection, including SSL pinning and domain generation algorithm.
August 05, 2016
Black Hat researchers report flaws in key web protocols, demonstrating widespread flaws in HTTP/2 implementations; Banner Health announces breach affecting 3.7 million.
July 18, 2016
Responsible disclosure wins as researchers roll out branded website for 'httpoxy,' a set of vulnerabilities in server-side web apps that use the HTTP_PROXY variable.
HTTP Get Started
Bring yourself up to speed with our introductory content
An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly secure HTTPS-authenticated sites. Continue Reading
An application delivery controller (ADC) sits between you and the web server farm to manage the traffic between you and any number of back-end servers. In other words, app delivery controllers control the delivery of the web application to you -- hence the name.
Older ADCs required custom ASICs, which raised costs, but processing power has advanced so that ADCs with sophisticated functionality can be implemented in software and run on cost-effective general-purpose processors. This allows today's app delivery controllers to be implemented not only as standalone hardware devices but quite effectively as virtual appliances as well or as a hosted service. In other words, more companies than ever can afford an ADC.
This Buyer's Guide explains key developments in app delivery controller technology and reviews the features ADCs can have. It serves as a manual for networking professionals and others involved in acquiring an app delivery controller for their particular company.Continue Reading
Application delivery controllers have advanced in ways that make ADCs more useful for a wider range of companies than ever before. This guide outlines what you need to know about app delivery controllers in order to buy the best for your company. Continue Reading
Evaluate HTTP Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Using HTTP as the bus for traffic between microservices can create some unwanted impacts, including more TCP/IP overhead. Mark Betz goes over some useful alternatives to HTTP. Continue Reading
Nginx, HAProxy and Linux Virtual Server are three different Linux load balancer to consider for multiserver, high-traffic requests in the data center. Continue Reading
The BREACH attack has been updated to perform faster data theft. Expert Nick Lewis explains the differences in this attack and the threat level for organizations that use Gmail. Continue Reading
Learn to apply best practices and optimize your operations.
Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem. Continue Reading
Advanced persistent threat groups are using public cloud services to their advantage. Expert Ed Moyle explains how enterprises can protect themselves. Continue Reading
Wireshark display tools such as capture and packet filtering offer critical insights into network functioning, but only if properly understood and managed. Continue Reading
Problem Solve HTTP Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Some AWS users have difficulty setting HTTP response headers based on Lambda functions. Chris Moyer explains how to accomplish that task, and how it can be helpful for developers. Continue Reading
The security of the individual data center server can get lost in the shuffle of protecting enterprise networks. These server security tools will help. Continue Reading
How can I enable Outlook Anywhere to allow internal use for all users and external use for only some users in Exchange 2013? Continue Reading