HTTP/1.1 must die: Dafydd Stuttard on what this means for enterprise security
ATT&CK techniques detected
T1588.006Vulnerabilities
70%
"http / 1. 1 must die : dafydd stuttard on what this means for enterprise security research academy my account customers about blog careers legal contact resellers attack surface visibility improve security posture, prioritize manual testing, free up time. ci - driven scanning mor…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
43%
"##s, service meshes, microservices, apis, and these are often from a range of different vendors. that complexity is fertile ground for hard - to - spot, protocol - level issues that often have critical implications for your security. in a large organization, a single successful d…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
At Black Hat USA 2025 and DEF CON 33, PortSwigger's Director of Research, James Kettle, unveiled new HTTP desync techniques that prove one thing beyond doubt: HTTP/1.1 is broken, and every organizatio