SSL and Browser Security: Why is it Such an Uphill Battle? - HTA-209

Wolfgang Kandek, CTO, Qualys, Inc.
Ivan Ristic, Director of Engineering, Qualys, Inc.

With the recent attacks against SSL and CAs demonstrating how fragile these systems are, we are now on the verge of the entire ecosystem falling apart. Many would argue that’s already happened. Based on extensive research collected from millions of web sites, we explain the problems, discuss the risks and practical mitigation options, and propose ways to fix the root causes of these insecurities.

Ivan Ristic is a respected security expert and author, known especially for his contribution to the web application firewall field and the development of ModSecurity, the open source web application firewall. He is also the author of ModSecurity Handbook, the definitive guide to the popular web application firewall, and the author of Apache Security, a comprehensive security guide for the Apache web server. A frequent speaker at computer security conferences, Ivan is an active participant in the application security community, a member of the Open Web Application Security Project, and an officer of the Web Application Security Consortium. He runs SSL Labs, a research effort dedicated to improving the effectiveness of SSL and TLS.

Wolfgang Kandek is the CTO for Qualys and responsible for innovation related to the QualysGuard platform and infrastructure. Wolfgang is the main contributor to the Laws of Vulnerabilities blog. He has over 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Prior to joining Qualys, Wolfgang was Director of Network Operations at the online music streaming company myplay.com and at iSyndicate, an Internet media syndication company. Earlier in his career, Wolfgang held a variety of technical positions at EDS, MCI and IBM.


This document was retrieved from http://www.rsaconference.com/podcasts/65/ssl-and-browser-security-why-is-it-such-an-uphill on Fri, 21 Nov 2014 11:28:25 -0500.
© 2014 EMC Corporation. All rights reserved.