Category Archives: Security Basics

HTTP Public Key Pinning (HPKP)

HTTP Public Key Pinning is a mechanism that can prevent Man-in-the-Middle attacks against TLS connections to HTTP services. Essentially, the web service tells the browser which certificates it should expect and that it should reject all others. It is a …

Posted in Security Basics | 3 Comments

Payment Card Industry (PCI) Acronym Soup

I am in the process of doing the PCI DSS QSA at the moment and after doing the pre-study I have discovered a vast quantity of acronyms… I thought a reference of them would be useful: P2PE – Point 2 …

Posted in Security Basics | Leave a comment

Is an APT attack what an APT attack was?

I forget why, but a colleague and I got into a conversation about APT (Advanced Persistent Threats) attacks the other day, which turned into a mini-debate. It started when he told me that he believed I misunderstood what an APT …

Posted in Security Basics | Leave a comment