SecAppDev 2019 has ended
Back To Schedule
Friday, February 22 • 09:00 - 10:30
Modern HTTPS deployments

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

HTTPS and SSL/TLS have been under fire for years. In this session, we explore the impact of several attacks. We also discuss several new browser defenses to mitigate these attacks.

HTTPS/SSL/TLS has been under fire for years. FREAK, POODLE, BEAST, and CRIME represent practical cryptographic attacks. Add to that an inherently weak CA system, and you end up with a large number of insecure HTTPS deployments.

However, recent browser-based defenses significantly improve the security properties of HTTPS. This session dives deep into the security properties of the HTTPS protocol. We explore problems with legacy features and their impact. And most important, we will talk about new defenses to improve your HTTPS deployment. You will walk away with a set of best practices to offer your users the most secure HTTPS experience possible.

This session is intended for anyone working on network-based applications.


Jim Manico

CEO, Manicode Security

Friday February 22, 2019 09:00 - 10:30 CET
Main building (room Lemaire)