Security Intermediate

What is Man-in-the-Middle Attack?

An attack where the attacker secretly intercepts and potentially alters communication between two parties who believe they are communicating directly.

MITM attackers position themselves between client and server, intercepting all traffic. On unencrypted networks, they can read passwords, session tokens, and sensitive data. Advanced attacks can intercept HTTPS by presenting fake certificates.

Prevention includes HTTPS everywhere, certificate pinning, HSTS (HTTP Strict Transport Security), secure WiFi (WPA3), VPNs on public networks, and validating certificate chains. Public WiFi is particularly vulnerable to MITM attacks.

Learn More About This Topic

Ethical Hacking & Penetration Testing

Related reading

Network Security Fundamentals

Related reading

SOC Analyst Fundamentals

Related reading

Related Terms

A one-way function that converts input data into a fixed-size string of characters, used for data integrity and password storage.

A technique that controls the number of requests a client can make to a server within a specified time period.

Brute Force Attack

An attack method that systematically tries all possible combinations of passwords or keys until the correct one is found.

SAST (Static Application Security Testing)

Automated analysis of source code to find security vulnerabilities without executing the application.

Penetration Testing

An authorized simulated cyberattack on a system to evaluate its security defenses and identify vulnerabilities.

SOC (Security Operations Center)

A centralized team and facility responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats 24/7.

View All Security Terms →