Project Launch : Tracking Browser Security Enhancements

TL;DR: NotSoSecure is releasing a new project to track security enhancements or downgrades in browsers:


Our lives have been slowly moving from desktop applications to browser-based applications and browsers have become an integral part of our life. Current top browsers have a special focus on security and have been working on many major security projects to kill bug classes. Some are ambitious projects, some are smaller tweaks. Some continue to become the core of the browser, some projects get shelved or discarded.

With processing powers shifting to client-side, the browsers have focused extensively on the client-side vulnerabilities and on providing a safe space for the applications and its users. Largely the focus has been centered around killing bug classes such as Cross-Site Scripting and Cross-Site Request Forgery, as well as enhancing privacy for the end users. Some of the recent changes implemented by browsers are HTTPS-Only mode, Cookie related security, Tabnabbing protection, Referrer Leakage Preventions, and X-XSS-Protection to name a few.

This brings in an interesting situation for information security professionals as our recommendations and risk ratings can get affected by these changes. We have been trying to keep a tab on these changes internally and we realised

Read More: