Securing your websites and services using HTTPS has never been more important, or more complicated. In this talk, a former browser Security Program Manager covers the best practices for using HTTPS today. Topics covered in this session include ciphers and hash algorithms, forward secrecy, handshakes and protocols, and new browser features like HSTS and PKP. Explore how attackers circumvent HTTPS, and what you can do to help protect your visitors and customers safe from snoops and bad guys. Secure all the things!