Magecart & Beyond. Massive Client-Side Website Vulnerability

  • Date 20 Nov 2019 - Wednesday

Magecart & Beyond. Massive Client-Side Website Vulnerability

20 Nov 2019, 11:25 - 11:45

Innovation Stage
Language:
English

Technology Showcase Session

This session will discuss how modern website architecture has presented an expansive and lucrative attack surface for hackers. Incidence rates of vulnerability will be detailed resulting from a study of the Alex-1000 global websites. There will also be discussion on the browser-native, standards-based security controls that are available to safeguard against these attacks including CSP, SRI, HSTS and others.

Learning Outcomes:

  • Learn how modern website architectures has lead to the acceleration of attacks with names such as Cross-Site Scripting, Formjacking, Magecart, Ad Injections, Content Injections, Cyptojacking and Website Supply Chain Attacks.As many as 5000 websites are successfully attacked each month leveraging a nearly universal client-side website vulnerability
  • Data and statistics from a study of the global Alexa-1000 websites will be presented to highlight the the widespread incidence of vulnerability and the current lack of deployed security capable of safeguarding against attacks.
  • Learn about the application of standards-based security solutions like CSP, SRI and others can be used to prevent these attack. 
  • Learn about the application of automation to overcome the administrative and operational hurdles commonly associated with the deployment of CSP, SRI, etc.

 

Contributors

  • Aanand Krishnan

    Speaker

    Founder & CEO

    Tala Security

    Aanand Krishnan is the CEO and Founder of Tala Security. Previously, Aanand held senior technical roles at Symantec and Agilent leading key projects...

Sponsors

Tala Security

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.