5 Ways HTTP Protocol Can Address Emerging Cloud Threats

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Ways HTTP Protocol Can Address Emerging Cloud Threats-3 Next

Content Security Policy (CSP)

A Content Security Policy (CSP) provides a mechanism to instruct browsers on what to trust. By using CSP, a whitelist policy is enforced on the content being delivered, ensuring that content can only be delivered by certain specified domains. CSP is especially important in preventing cross-site scripting (XSS) attacks, in which a browser is tricked into delivering malicious content by bypassing the origin policy. The root cause in XSS attacks is the browser's inability to distinguish between scripts that are part of an application and scripts that have been injected by a third party.

Enterprise cloud app adoption is continuing to increase across various functions, and to stay ahead of the curve, IT leaders must understand the susceptibility of these applications to attacks that could compromise data. In the past decade, a myriad of techniques have been developed to compromise web applications -- from cross site scripting (XSS) and SQL injection to phishing and clickjacking. As web applications have become more sophisticated, so have modern web browsers, which has spawned several new HTTP response headers to help enhance a website's security.

IT Business Edge recently spoke with Ravi Balupari, director of engineering and cloud security research at Netskope, on how the advances being made in the realm of HTTP protocol can address new emerging threats across the universe of cloud applications. He discusses here five HTTP security headers that IT leaders must incorporate in their enterprise data security strategy to address any potential threats.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.