Man-in-the-Middle Attack (MitM)
Definition
A man-in-the-middle attack intercepts communications between two parties without their knowledge, allowing the attacker to eavesdrop, modify, or inject data. HTTPS with proper certificate validation, HSTS, and certificate pinning are primary defenses against network-level MitM attacks.
MitM attacks at the application layer (e.g., through malicious proxies or BGP hijacking) require additional controls like mutual TLS and certificate transparency monitoring.