Showing posts from October 9, 2015

Here’s what you need to know when it comes to SPDY and HTTP/2 on Google Cloud Platform.

As you can imagine, performance and security are two requirements at the core of stakes in our cloud age. Therefore, encourages developers to be performance-conscious and leverage the performance and security benefits of the HTTP/2 protocol in their applications.
Henceforth with HTTP/2 finalized (RFC 7540, RFC 7541) and, Google servers offer full HTTP/2 support.

When it comes to HTTP/2 on Google Cloud Platform, can observe that:

1.Your application must run over HTTPS. Support for the HTTP/2 protocol is automatically negotiated as part of the TLS handshake via ALPN. 2.The server terminating the secure HTTPS connection must support ALPN and HTTP/2 protocols. If either side does not support the new HTTP/2 protocol then they fallback to HTTP/1.1. You check out the free chapters on HTTP/2 and HTTP/2 optimization strategies in High Performance Browser Networking (O’Reilly).

Information on EMV card vulnerabilities and proactive defensive measures.

Image recalls that, the Internet Crime Complaint Center (IC3) has issued an alert to consumers and merchants about the security risks involved with EMV Cards. An EMV card is a credit or debit card with a microchip that helps protect cardholder data. However, EMV cards may still be vulnerable to exploitation.
So, encourages consumers and merchants to review the IC3 Alert for information on EMV card vulnerabilities and proactive defensive measures.

Google Cloud Security Scanner in our digital age.

Sometime, the security requirements are daunting but necessary to help bring peace in minds; so occasional mistakes are part of our DNA.
Unfortunately, when it comes to security, mistakes have zero excuse and can be disastrous.
With Cloud Security Scanner, Google aims to make it easier for you to develop secure web applications and to find and fix issues early in the development lifecycle. encourages this momentum that can enable App Engine developers to proactively test their applications for many common web application security vulnerabilities with issues including: cross-site scripting (XSS), Mixed Content, and Flash Injection or alert you to the usage of insecure Javascript libraries.