5 Ways HTTP Protocol Can Address Emerging Cloud Threats

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Ways HTTP Protocol Can Address Emerging Cloud Threats-3 Next

Content Security Policy (CSP)

A Content Security Policy (CSP) provides a mechanism to instruct browsers on what to trust. By using CSP, a whitelist policy is enforced on the content being delivered, ensuring that content can only be delivered by certain specified domains. CSP is especially important in preventing cross-site scripting (XSS) attacks, in which a browser is tricked into delivering malicious content by bypassing the origin policy. The root cause in XSS attacks is the browser's inability to distinguish between scripts that are part of an application and scripts that have been injected by a third party.

Enterprise cloud app adoption is continuing to increase across various functions, and to stay ahead of the curve, IT leaders must understand the susceptibility of these applications to attacks that could compromise data. In the past decade, a myriad of techniques have been developed to compromise web applications -- from cross site scripting (XSS) and SQL injection to phishing and clickjacking. As web applications have become more sophisticated, so have modern web browsers, which has spawned several new HTTP response headers to help enhance a website's security.

IT Business Edge recently spoke with Ravi Balupari, director of engineering and cloud security research at Netskope, on how the advances being made in the realm of HTTP protocol can address new emerging threats across the universe of cloud applications. He discusses here five HTTP security headers that IT leaders must incorporate in their enterprise data security strategy to address any potential threats.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.