Explore best practices for TLS configuration in web application data stores through this AppSecUSA 2017 conference talk. Delve into the current TLS capabilities of popular databases like MySQL, PostgreSQL, and MongoDB, comparing both recent and widely deployed versions. Learn about defining TLS configurations specific to these data stores, which differ from HTTPS practices. Discover improvements in tools for verifying proper server TLS configuration, and examine the results of a survey on real-world TLS configurations of publicly connected data stores. Gain insights into ensuring network confidentiality and integrity for connections between application servers and backing data stores, addressing the often-overlooked security aspect of database communications in web application stacks.
Automating TLS Configuration Verification for Web Application Data Stores
Overview
Syllabus
Automating TLS Configuration Verification - AppSecUSA 2017
Taught by
OWASP Foundation
Related Courses
-
Web Application Penetration Testing: Configuration and Deployment Management Testing
-
DevOps Kubernetes Deployment with Ingress, DNS and SSL TLS
-
HTTPS and TLS Security Practices - Front Line Insights 2016
-
Configuration-as-Code: Automating Application Configuration
-
Essential TLS Hardening for Better Web Security
