https://www.youtube.com/watch?v=Jx5NEOI_TPw&t=9s
Although some of it is specific to the company platform, the explanation of HSTS and why it's an issue is good.
HSTS
HTTP Strict Transport Security
Any site that redirects from HTTP to HTTPS is vulnerable
It's usually medium severity but low-hanging fruit for attackers: if they see the basics are not done they may probe further, but if they see HSTS set up they may move on
HSTS is a protocol that sets rules for how user agents (web browsers) should handle their connection to a site running HTTPS
It's possible for attackers to downgrade HTTPS connections to HTTP and read data
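A quick way to check whether a site actually sends a usable HSTS policy, as an added example that is not from the video or the company platform. The function names, the 180-day `min_age` threshold and the sample responses are assumptions made for illustration; the parsing rules follow RFC 6797.

```python
# Added example: audit one HTTP response for a usable HSTS policy (RFC 6797 rules).

def parse_hsts(value):
    """Return the directives of a Strict-Transport-Security value, or None if invalid."""
    directives = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        name = name.strip().lower()            # directive names are case-insensitive
        if not name:
            continue
        if name in directives:                 # a repeated directive invalidates the header
            return None
        directives[name] = val.strip().strip('"')   # values may be quoted strings
    age = directives.get("max-age", "")
    if not (age.isascii() and age.isdigit()):  # max-age is required and numeric
        return None
    directives["max-age"] = int(age)
    return directives

def audit(scheme, headers, min_age=15552000):
    """List findings for one response. min_age (180 days) is an assumed threshold."""
    hsts = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if scheme != "https":
        # Browsers ignore HSTS received over plain HTTP, so this hop has no protection.
        return ["plain-HTTP hop: any HSTS header here is ignored by browsers"]
    if hsts is None:
        return ["no HSTS header: nothing forces HTTPS on later visits"]
    policy = parse_hsts(hsts)
    if policy is None:
        return ["HSTS header is malformed and will be ignored"]
    findings = []
    if policy["max-age"] == 0:
        findings.append("max-age=0 tells the browser to drop the HSTS policy")
    elif policy["max-age"] < min_age:
        findings.append("max-age is below the assumed threshold")
    if "includesubdomains" not in policy:
        findings.append("includeSubDomains missing: subdomains are not covered")
    return findings

# Constructed sample responses (not captured from a real site).
SAMPLES = [
    ("http", {"Location": "https://example.test/"}),
    ("https", {"Content-Type": "text/html"}),
    ("https", {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]

if __name__ == "__main__":
    for scheme, headers in SAMPLES:
        print(scheme, audit(scheme, headers) or "ok")
```

An empty findings list means the HTTPS response carries a valid policy that also covers subdomains.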