On February 23, 2021, the Security & Trust Unit held the webinar “Lost in TLS: the importance of mitigating vulnerabilities in the FINSEC platform”, in the context of the Digital Finance Academy for Security within the FINSEC European Project.
The webinar deals with the need to secure online communications and protect their content. A crucial activity to satisfy this requirement in many concrete use cases for online financial services is the deployment of TLS servers. First, we motivate the importance of using and correctly configuring TLS. We discuss the vulnerabilities affecting the protocol itself and their impact on financial services. Then, we present how TLSAssistant has been integrated in the FINSEC platform, how it works and how it can help secure TLS deployments by returning actionable recommendations for mitigation. Finally, we describe the benefits of a direct integration by showing how it can be used to identify and mitigate the vulnerabilities affecting an online financial service.
The recording of the webinar can be found below:
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta and Alessandro Tomasi
TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)
- FINSEC (Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures)