SSL – Compass Security Blog

Compass SSL/TLS recommendations

Mozilla created an extensive page [7] concerning the best current choice of SSL/TLS cipher suites, primarily for web servers. Compass Security agrees broadly with the article, but recommends some additional restrictions in order to provide the most resistance against active and passive attacks versus TLS secured connections: Use 3DES cipher instead of RC4 Disable SSLv3 support […]

Why does Compass Security recommend HSTS?

February 4, 2013 / Stephan Rickauer / 0 Comments

Secure web communications using HTTPS isn’t anything fancy anymore these days. It ensures traffic from a user to your web application cannot be eavesdropped or tampered with, given it has been set up securely using SSL/TLS. But, do you trust your web application’s code to entirely disregard unencrypted requests? Are you sure your Apache/IIS is […]

Up ↑

Compass Security Blog

Offensive Defense

Compass SSL/TLS recommendations

Why does Compass Security recommend HSTS?

Recent Posts

Categories

Compass Links

Compass Security Blog

Offensive Defense

Compass SSL/TLS recommendations

Why does Compass Security recommend HSTS?

Recent Posts

Categories

Tags

Compass Links