Contact us for your penetration testing needs 1-866-PLYNT-24    |   Contact Us   Plynt UK Website  
Click to get Security Testing Quote
All my web pages have SSL enabled. You still think I might be vulnerable to these attacks?

A common misconception is that SSL is the answer to most attacks.

SSL ensures that the server is who he claims to be, and that the traffic cannot be eavesdropped by anybody else. It achieves this by using a digital certificate to prove the authenticty of the server, and encryption to secure the traffic.

However, SSL cannot prevent an adversary intercepting his own communication with server using freely available web proxy editor tools (e.g. Webscarab, Burpproxy etc.). These tools intercept SSL communication within the adversary’s machine and present editable data to him in plaintext, which can be used to launch several popular attacks.


Request a proposal

Our quote contains the best price, the time estimate, and our methodology; and we'll mail you the quote in 24 hrs.


                                                
 
Movable Type Appliance - Powered by TurnKey Linux