September 18, 2015
News roundup: Additional research shows a Cisco router implant affects more devices than originally reported. Plus: Let's Encrypt's first cert issued; Tor in the library; the mitigated (but not fixed) iOS AirDrop vulnerability.
August 04, 2015
The HTTP protocol is finally getting its first major overhaul, bringing a number of improvements to managing the connections between servers and users.
June 19, 2015
News roundup: Details have emerged about weaknesses in OS X and iOS that allow attackers to upload malware and steal passwords and data. Plus: More jump on HTTPS bandwagon; CSO/CDO salaries increase; 23% of software app components contain flaws.
June 05, 2015
News roundup: New settings and options to boost user privacy and security are emerging on major websites, but is it enough?
HTTP Get Started
Bring yourself up to speed with our introductory content
Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security. Continue Reading
Expert Brad Causey compares the best Web application firewalls on the market across three types of product types: cloud, integrated and appliance. Continue Reading
Evaluate HTTP Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Facebook added OpenPGP encryption to its messaging services to help improve messaging safety. Expert Michael Cobb explains the benefits of the approach. Continue Reading
The evolution of IoT means the birth of IoT cloud services, and that means IT administrators will have to view their networks in new ways. Continue Reading
Connect external applications to AWS products through the Amazon API Gateway, which allows users to define how service requests and transfers are handled. Continue Reading
Learn to apply best practices and optimize your operations.
Now more than ever, it's critical to keep track of the data being sent to the Internet even when your device is sitting idle. Brad Irby examines the tools you can use to do this. Continue Reading
SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service. Continue Reading
Developers are looking to increase Web application performance with alternatives to REST development approaches. Continue Reading
Problem Solve HTTP Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
The cyberthreat landscape grows more dangerous by the day. Harvey Koeppel offers a 12-point cybersecurity checklist for CIOs. Continue Reading
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols have long been the cornerstone of Web application security, and the whole process finds its root (quite literally) in a system of signed certificates. The trouble is this security system has turned into a vulnerability. Too often an enterprise possesses a hodgepodge of signed certificates from various Certificate Authorities (CAs) that are thrown into the directories of protected services, and then often forgotten until they expire. Worse yet, recently hackers have managed to create fake certificates. CAs -- once a seemingly effective answer to ensuring Web security -- are now providing an attack surface for hackers to take advantage of.
This technical guide surveys the CA landscape, opening with a field report on the latest CA security issue, the problem of fake certificates. To help explain the nature of this threat, our second chapter delves into the certificate system, current problems with it, and what enterprise IT staff can do. This guide’s closing chapter examines industry efforts to cope with the threat: TLS 1.3. Through this guide, IT professionals, and especially those concerned with network security, will learn the latest about TLS/SSL security. Continue Reading
Enterprise architects don't have to leave SOA principles behind when they develop mobile applications. Granted, the way SOA is applied may change, but it remains useful.
In this handbook, contributor George Lawton and consultant Tom Nolle present mobile SOA success stories and further potential uses for SOA in mobile development. Lawton opens with an article on how SOA principles can be used to address mobile problems. Next, Lawton discovers how one company used caching services to improve mobile application performance. Nolle closes with an article on using SOA principles to design mobile contextual apps. Continue Reading