5 Ways HTTP Protocol Can Address Emerging Cloud Threats

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Ways HTTP Protocol Can Address Emerging Cloud Threats-3 Next

Content Security Policy (CSP)

A Content Security Policy (CSP) provides a mechanism to instruct browsers on what to trust. By using CSP, a whitelist policy is enforced on the content being delivered, ensuring that content can only be delivered by certain specified domains. CSP is especially important in preventing cross-site scripting (XSS) attacks, in which a browser is tricked into delivering malicious content by bypassing the origin policy. The root cause in XSS attacks is the browser's inability to distinguish between scripts that are part of an application and scripts that have been injected by a third party.

Enterprise cloud app adoption is continuing to increase across various functions, and to stay ahead of the curve, IT leaders must understand the susceptibility of these applications to attacks that could compromise data. In the past decade, a myriad of techniques have been developed to compromise web applications -- from cross site scripting (XSS) and SQL injection to phishing and clickjacking. As web applications have become more sophisticated, so have modern web browsers, which has spawned several new HTTP response headers to help enhance a website's security.

IT Business Edge recently spoke with Ravi Balupari, director of engineering and cloud security research at Netskope, on how the advances being made in the realm of HTTP protocol can address new emerging threats across the universe of cloud applications. He discusses here five HTTP security headers that IT leaders must incorporate in their enterprise data security strategy to address any potential threats.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.