Chrome has certainly been one of the main contributors towards the recent push to HTTPS online and without their contribution, I do find myself wondering how much progress would have been made. The Chrome team have just announced two more big changes coming soon and they will help push the…
Tag: CSP
Total 38 Posts
Yes, it's that time of year again and the last 6+ months have flown by. Time for a look at the state of security in the Top 1 Million sites on the web! Here are the results, updates, trends and analysis for the progress we've made over the last 6…
Everybody knows I'm a rather large fan of CSP and an even bigger fan of CSP reporting, but CSP can be hard. Part of my personal mission has been to make that easier and a lot of the tools and content I create are focused around that. To that end,…
I've just deployed a few changes to Security Headers to bring it up to date with recent changes in the industry. Here are the details and how they might affect you. Security Headers SponsorI announced sponsorship of the Security Headers project back in December 2016 and that continues through to…
It's a little late but here it is! The analysis of the Alexa Top 1 Million sites for February of 2019. We have good news, increased numbers, new comparisons and more! The crawlI can't believe this is the 8th report I've done on the Alexa Top 1 Million and the…
I've seen this mentioned a few times now and I think it's time we had some solid facts on why this just isn't the case. Like many restrictions around deploying HTTPS have recently bitten the dirt, backwards compatibility is also another one we can strike off the list. Recent advancementsOver…
We've seen a few notable news events this year along the same lines. Major websites have suffered serious breaches not because they were hacked, but because of a compromise in a 3rd party dependency. Two of the biggest stories involved targetted attacks on payment data, they were skimming credit card…
It's time! August 2018 represents the 7th time I've published a report of the Alexa Top 1 Million sites so let's get stuck in and see what changes have taken place over the last six months on the biggest sites on the web. Crawler data As always the data from…
I got a DM from a journalist called Jordan Pearson this evening and what started out as a quick comment for an article turned into an investigation of an ongoing issue. etherscan.io Etherscan is ranked as the 1,379th site in the world according to Alexa, so they're pretty…
Today I'm really excited to announce one of the first big steps that Report URI is taking towards making CSP even easier to use, deploy and maintain. With the introduction of the CSP Wizard, it's never been easier to create a CSP for your site. Setting up a CSP Until…
