Lost in TLS (Transport Layer Security): the importance of mitigating vulnerabilities in the FINSEC platform
Speakers: Salvatore Manfredi (Fondazione Bruno Kessler, Italy)
Abstract : The webinar deals with the need to secure online communications and protect their content. A crucial activity to satisfy this requirement in many concrete use cases for online financial services is the deployment of TLS servers (TLS Transport Layer Security) . First, we motivate the importance of using and correctly configuring TLS. We discuss the vulnerabilities affecting the protocol itself and their impact on financial services. Then, we present how TLSAssistant has been integrated in the FINSEC platform, how it works and how it can help secure TLS deployments by returning actionable recommendations for mitigation. Finally, we describe the benefits of a direct integration by showing how it can be used to identify and mitigate the vulnerabilities affecting an online financial service.
Prerequisites: Basic knowledge of computer networking and coding
Audience : The workshop is oriented to academic researchers, security experts from industries and system administrators that work on or want to approach the field.