We're launching support for another brand new type of report over on Report URI and it's been a commonly requested feature. SMTP TLS Reporting, or TLS-RPT for short, allows you to have detailed insight into the transport security being used (or not used) when delivering email. MTA-STSBack in Feb I…
Tag: Report URI
Total 41 Posts
Over the years we've constantly worked on Report URI to improve it with the goal of helping more and more websites improve their security. Today, I'm really happy to announce that we're partnering with Joomla! as their official Reporting Partner to help further that goal for millions of websites. Joomla!…
It's time for another 6 month update on the state of security online that's a little late! This is the second report using the new data source that was announced in the last report so we have some good comparisons to make when we take a look at the data.…
A lot has changed in the browser landscape recently and we've seen all of the mainstream browsers move away from running their own XSS Auditor or XSS Filter. Given this shift, it's time for me to update a few things too. XSS Auditor and XSS FilterThe XSS Filter ran in…
I've relied on a lot of different projects over the years that have helped me in various different ways and recently had the opportunity to start giving something back. Running Report URIWe're lucky enough to have Michal Špaček with us on the team at Report URI and it was him…
There has been a huge focus on encryption on the web recently, with lots of that centred around HTTP with things like HTTPS and HSTS. Now we're taking the same concept and extending it to email with MTA-STS, or Mail Transfer Agent Strict Transport Security. MTA-STSYou can read about MTA-STS…
It's been an interesting ride over the last few years but HPKP, or HTTP Public Key Pinning, is finally coming to the end of its tenure. With support now gone in the last remaining browser, HPKP has been consigned to the scrap heap. HPKPI first wrote about HPKP back in…
Everybody knows I'm a rather large fan of CSP and an even bigger fan of CSP reporting, but CSP can be hard. Part of my personal mission has been to make that easier and a lot of the tools and content I create are focused around that. To that end,…
I've spoken a lot about Certificate Transparency on my blog recently and how powerful it is for site operators to be able to keep track of certificates issued for their domains. We plan to make that even easier by integrating CT monitoring into Report URI. Certificate TransparencyThe TLDR; of Certificate…
I've worked at some great companies during my career and worked alongside some great people too. Many of those I still keep in contact with and recently I spoke to an old colleague about joining him on a webinar to discuss bots, bot mitigation and the problems that bots pose.…
