Security Awareness


Website Security - HTTPS, CDNs and OWASP Top Ten

SSL / HTTPS

HTTPS is the secure version of HTTP; the ‘S’ stands for Secure. It protects the authenticity and integrity of data exchanged over a network by encrypting and decrypting the requests and responses between clients and servers. HTTPS has several benefits, including:

  • Protecting users against man-in-the-middle attacks
  • Leveraging features like Service Workers
  • Positively impacting SEO on your site

To have your website served over HTTPS, it must have a valid SSL (Secure Sockets Layer) certificate. This certificate is used in the encryption of information shared between your server and a user's device. All websites should have a valid SSL certificate, but it is especially important for e-commerce sites, to ensure customers' data is encrypted before it is transferred.
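One way to keep an eye on the "valid certificate" requirement described above, as an added example that is not part of the original page: the script fetches a site's certificate with normal verification and reports how close it is to expiry. The function names, the 30-day warning threshold and the sample certificate dates are assumptions made for illustration.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

# Constructed sample in the shape returned by SSLSocket.getpeercert().
SAMPLE_CERT = {
    "notBefore": "Jan 01 00:00:00 2024 GMT",
    "notAfter": "Mar 31 00:00:00 2024 GMT",
}

def fetch_certificate(host, port=443, timeout=5.0):
    """Return the server certificate as a dict.

    The default context verifies the chain and hostname, so an expired,
    self-signed or mismatched certificate raises ssl.SSLCertVerificationError.
    """
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def _parse(cert_time):
    """Convert a certificate date string to an aware UTC datetime."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(cert_time), tz=timezone.utc)

def days_remaining(cert, now=None):
    """Whole days until notAfter; negative once the certificate has expired."""
    now = now or datetime.now(timezone.utc)
    return (_parse(cert["notAfter"]) - now).days

def assess(cert, now=None, warn_days=30):
    """Classify a certificate: not-yet-valid, expired, renew-soon or ok."""
    now = now or datetime.now(timezone.utc)
    if now < _parse(cert["notBefore"]):
        return "not-yet-valid"
    left = days_remaining(cert, now)
    if left < 0:
        return "expired"
    return "renew-soon" if left < warn_days else "ok"

if __name__ == "__main__":
    # With a hostname argument, check the live site; otherwise use the sample.
    cert = fetch_certificate(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_CERT
    print(assess(cert), days_remaining(cert), "days remaining")
```

Run on a schedule against your own hostnames, a "renew-soon" result gives time to renew before browsers start showing certificate warnings to visitors.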


Content Delivery Networks (CDN)

Website performance and security are at the forefront for many businesses and website owners who want to improve how quickly their website loads, increase security and gain better visibility. A content delivery network (CDN) is one of the few solutions. A CDN is a set of servers spread around the world that helps deliver web content to users more quickly.

CDN services are used by websites like Facebook, Netflix and Amazon to help handle the huge amounts of traffic that pass through those websites every day. With servers dispersed across the globe, content can be delivered to users more quickly no matter where they are located, while the traffic is also distributed across multiple servers.

Depending on the CDN, websites can also be protected against Distributed Denial of Service (DDoS) attacks and similar attacks on your systems.


OWASP Top Ten

The OWASP Foundation is a nonprofit foundation that works to improve the security of software. Every three to four years it releases the OWASP Top Ten, which details what it considers the 10 most critical security risks to web applications. The list is created through industry surveys and thorough reviews, leading to a list that represents a broad consensus and outlines the issues most prevalent in modern software.

You can read the full list here; it outlines each security risk and how OWASP recommends combating it.

The image below shows the list and how its rankings have changed since 2017.

