5 Ways HTTP Protocol Can Address Emerging Cloud Threats

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Ways HTTP Protocol Can Address Emerging Cloud Threats-3 Next

Content Security Policy (CSP)

A Content Security Policy (CSP) provides a mechanism to instruct browsers on what to trust. By using CSP, a whitelist policy is enforced on the content being delivered, ensuring that content can only be delivered by certain specified domains. CSP is especially important in preventing cross-site scripting (XSS) attacks, in which a browser is tricked into delivering malicious content by bypassing the origin policy. The root cause in XSS attacks is the browser's inability to distinguish between scripts that are part of an application and scripts that have been injected by a third party.

Enterprise cloud app adoption is continuing to increase across various functions, and to stay ahead of the curve, IT leaders must understand the susceptibility of these applications to attacks that could compromise data. In the past decade, a myriad of techniques have been developed to compromise web applications -- from cross site scripting (XSS) and SQL injection to phishing and clickjacking. As web applications have become more sophisticated, so have modern web browsers, which has spawned several new HTTP response headers to help enhance a website's security.

IT Business Edge recently spoke with Ravi Balupari, director of engineering and cloud security research at Netskope, on how the advances being made in the realm of HTTP protocol can address new emerging threats across the universe of cloud applications. He discusses here five HTTP security headers that IT leaders must incorporate in their enterprise data security strategy to address any potential threats.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.