No Signed Pages videos yet. You could help us improve this page by suggesting one.
Based on our record, AWS WAF should be more popular than Signed Pages. It has been mentiond 27 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
WAF is a Web Application Firewall, which allows the inspection of HTTP requests. - Source: dev.to / about 2 months ago
Add a firewall and other mechanisms for protecting your endpoints against malicious traffic and bots before it hits your workload and consumes those precious worker threads (e.g.: WAF). - Source: dev.to / about 2 months ago
AWS WAF: The AWS Web Application Firewall (WAF) helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. - Source: dev.to / 5 months ago
Security and secrets management - Experience with tools like AWS Secrets Manager, AWS Key Management Service (KMS), AWS Web Application Firewall (WAF) for secure secrets management and overall system security adds an extra layer of expertise to the QA Engineer's skill set. - Source: dev.to / 11 months ago
The reader will learn how to create a web application firewall with AWS WAF and AWS App Runner as a web application. AWS App Runner is an AWS service that deploys web applications or API using Amazon ECR or GitHub only. While AWS WAF (Web Application Firewall) is an AWS service that can protect the web application. - Source: dev.to / 12 months ago
There is "Signed Pages" by the debeloper of EteSync. It is a browser extension, that checks webapps based on signatures in the html file. The addon then warns the user if the signature is not correct or - if I remember correctly - the source changed. This allows you to be sure what webapp code was delivered. But it seems like it did not really get used outside of his own projects. - Source: Hacker News / 3 months ago
EteSync has implemented something called Signed Pages, this might be worth looking closer at. This uses PGP keys which is preloaded into the browser; but I suspect that will be a barrier too high for most non-tech users. Source: 12 months ago
There are also projects like signed web pages which can also help increasing the trust level to some degree. But that requires that you can download the source code and regenerate the verification hash locally - or have other trusted methods to verify the hash value hasn't been modified as well. The current concept is reasonably sane, but it requires too much from users currently to make it widely used. Source: almost 2 years ago
> The server can at any time start serving malicious payloads True, and I call this threat model "Beware Each and Every Fetch" (BEEF) in contrast to the more common TOFU model (although if you trust a desktop app to auto-update itself then these two models might not be all that different). In any case, I think you're being a little quick to dismiss the idea of server-hosted applications. It's true that browsers... - Source: Hacker News / about 2 years ago
Something like a browser extension for this does already exist, fortunately: https://github.com/tasn/webext-signed-pages. - Source: Hacker News / about 2 years ago
OpenSSL - OpenSSL is a free and open source software cryptography library that implements both the Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) protocols, which are primarily used to provide secure communications between web browsers and …
Marshal - Quickly scan your cloud for exposed sensitive information.
Let's Encrypt - Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG).
The Security Checklist - The Practical Security Checklist for Web Developers
Sqreen - Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks. Get started in minutes.
Google Capture the Flag 2017 - Google's 2nd annual worldwide security competition