* LASN_picture_logo.jpg

 

Locks and Security News: your weekly locks and security industry newsletter
22nd November 2017 Issue no. 387

Your industry news - first

 

We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.

 

Search
English French Spanish Italian German Dutch Russian Mandarin


93% of websites fail to meet security standard

April King, a security engineer at Mozilla, found that the vast majority of the world's largest sites - 93.45% to be exact - are not implementing many modern security technologies which provide secure connections to their users and protect them from attacks such as cross-site scripting (CSS) and content injection.

The assessment of these sites was made by Mozilla's own Observatory tool (which King designed). It conducts 11 different tests to see what security technologies a website is using, including HTTPS, HPKP (Key Pinning), CSP (Content Security Policy), and Subresource Integrity. It also scores sites on how well they use those technologies. Websites with sub-par configurations - like supporting HTTPS without automatically redirecting users - receive penalties.

12th July 2017




© Locks and Security News 2017.
Subscribe | Unsubscribe | Cookies | Sitemap