Website Security Solutions | Latest Guides

Route Poisoning: Why we need SSL/TLS

| #Articles

SSL/TLS is the bedrock of modern security. Just about all security strategies involve it or chain back to it at some point. At its core, the contract is this: something encrypted with a user’s public key can only be decrypted by the corresponding private key, and something encrypted with the user’s private key can only be decrypted by the corresponding public key. From this we derive digital sig… [read more →]

Microsoft’s Active Directory Federated Services – A popular choice for SSO

| #New Tech #Articles

Pretty much everyone in the digital age has access to multiple services requiring authentication. Most modern workplaces have some sort of centralized authentication source, so at least there’s only one set of credentials to remember. Still, typing in these credentials repeatedly is burdensome for the user. An answer to this problem is browser-based federation, leveraging bearer tokens (something a… [read more →]

Google Chrome 68 Released, Marking insecure websites

| #Industry News

In the recent past, web security has undergone a series of upgrade to more secure strategies advocating the use of HTTPS encryption features. In November 2017, Google announced that they will implement some changes in their Chrome web browser. True to their word, Google released Chrome 68 in July this year. The browser comes with an additional feature that marks any HTTP site as insecure, with… [read more →]

CASC’s London Protocol for Enhancing Identity Assurance

| #Industry News

The London protocol refers to a treaty or agreement signed in London. One such agreement was recently signed with the aim of minimizing phishing activities on identity websites and improving management assurance. The protocol was launched by the Certificate Authority Council (CASC). A rise in phishing attacks motivated CASC certificate authorities to develop the London protocol. The objective of… [read more →]

Trustico requests over 50,000 Certificates to be revoked

| #Industry News

Currently there is a lot of talk and upset customers in the online security field due to over 23,000 Certificate suddenly being revoked. Below is an outline of the events within the last month leading to this event. On February 2nd an official at DigiCert received a request from Trustico to revoke over 50,000 Certificates that had been issued through the reseller Trustico. DigiCert then needed to… [read more →]