Open Mobile Menu

Blog

Filed In: Application Security, Security

HTTPS or Be Warned

Adam Caudill

Written By: Adam Caudill

July 24, 2018

Views: 616

Today marks an important event in the security of the web – starting with today’s release of Chrome v68, the most popular browser in use today is warning users when they access a website over an insecure connection. While this is a small change to the user interface, it makes the dangers of insecure connections clear to users, even in cases where the website doesn’t collect information.

Read more.

Filed In: InfoSec, Security Testing, Application Security

Practical Advice for SHA-1

Adam Caudill

Written By: Adam Caudill

February 24, 2017

Views: 1584

Today a long-awaited announcement was made, Google released the first full SHA-1 collision. For those in the cryptography community, it was widely expected that such a break would occur this year; the flaws that allow the attack have been known since 2005 and academic work has been going on since then to produce a full collision.

Read more.

Evolving Steps to Protect Web Applications

Adam Caudill

Written By: Adam Caudill

September 07, 2016

Views: 1749

The world of application security is constantly evolving, and there are some exciting efforts underway now. This article discusses some of the more important changes that are happening, and what you need to do to be ready for them.

Read more.

Practical Advice For SWEET32

Adam Caudill

Written By: Adam Caudill

August 24, 2016

Views: 5418

This morning, the information security world was abuzz about SWEET32, a new vulnerability affecting a number of protocols, such as TLS, SSH, IPsec and OpenVPN. The issue isn’t a problem with the protocols themselves, but with their support for certain encryption algorithms that share a special property: small block size...

Read more.