ISSA International Web Conferences bring together ISSA members from around the world to share leading industry presentations and answer members' questions. Each event is designed to address the timely needs of ISSA members through a live, online event and a subsequent recorded version for on-demand viewing. All content is developed by the ISSA International Web Conference Committee.
CPE Credit Available: ISSA Members will be eligible for a certificate of attendance, after successful completion of a post event quiz, to submit CPE credits for various certifications. Our online quizzes and surveys are powered by SurveyGizmo survey software.
Click here if you are interested in sponsoring an ISSA International Web Conference
Click here for On-Demand ISSA Web Conferences
2016 Web Conference Schedule*
When TLS Reads: Totally Lost Security. SHA zam!
2-Hour Live Event: Tuesday, November 15, 2016
Start Time: 9:00 a.m. US-Pacific/ 12:00 noon US-Eastern/ 5:00 p.m. London
Click here for more information and to register.
Generously sponsored by
Giving the Internet an Identity
Why isn't patching and updating successful in making us safe, even from known vulnerabilities in products for which fixes are available?
We've seen Java vulnerabilities fixed and available on our smart phones, only to be told that our organization cannot support the fix without breaking a critical tool we depend on. We know that improved versions of SSL and TLS were available for many years before they become widely adopted by browser developers and web site administrators. Rather than risk disrupting millions of users, fears of backward compatibility issues drive them to continue to offer vulnerable versions of these protocols and to ignore the dangers of relying on encryption and hash algorithms with known flaws.
A recent survey indicates that nearly 98% of websites supporting SSL were still using phishing friendly, weak X.509 digital certificates based on SHA-1. So, how does this bode for the Internet of Things? Will we see millions and millions of more vulnerable devices surround us that cannot be easily patched and managed