Until the day TLS 1.3 becomes widely supported, web servers must rely on a fallback to TLS 1.2 with correctly configured server directives and strong cipher suites. Pick the wrong settings and you declare an open season on your server.
A fix for Spectre & Meltdown: update your Linux kernel in place (running CentOS/RHEL 7 or above), and live happily ever after
If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.
How to set up Report URI to prevent code injection attacks
A web service called Report URI can be a great help in creating an HTTP security policy that will protect your web application without compromising its functionality. Here is how to set it up to bolster your defenses against code injection attacks.
A quick introduction to SSL/TLS encryption: understanding certificates and key pairs
Confused about SSL/TLS certificates? Here is a quick and dirty introduction to SSL/TLS encryption.
A cybersec showdown of the clouds: cyber security on AWS versus Microsoft Azure
[Updated May 16, 2018] AWS and Microsoft, the two leaders in the race for the best cloud infrastructure, have recognized cyber security as a barrier of adoption. Cyber security professionals are weary of migrating workloads into public cloud environments as it may carry significant risks. Thus, Amazon and Microsoft have developed specialized services to help safeguard users’ cloud infrastructure and data.
This post discusses ways to mitigate cyber threats and launch a cyber defense on AWS and Azure.
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- 6
- …
- 10
- Next Page »