YoVDO

Detecting and Controlling Rogue Third-Party Scripts in Web Applications

Offered By: LASCON via YouTube

Tags

Web Security Courses Cybersecurity Courses Data Protection Courses Risk Assessment Courses Web Application Security Courses Threat Detection Courses Browser Security Courses Supply Chain Attacks Courses

Course Description

Overview

Explore the critical issue of web supply chain attacks and third-party script vulnerabilities in this 49-minute LASCON conference talk. Delve into the growing security blind spot created by companies' reliance on third-party components in web applications. Learn how these scripts, operating with the same privileges as first-party code, can harvest user input, hijack events, and modify webpage behavior. Discover the risks associated with handling sensitive information like payment card data and health records in this environment. Gain insights into detecting and preventing data breaches at the browser level, which often remain undetected for months. Understand the importance of visibility and control over third-party components to assess and mitigate risks. See real-world examples of attempted data leaks from Black Friday 2021, and witness a demonstration of rogue scripts accessing sensitive data. Learn about a new data-centric approach to detect and block these threats, equipping yourself with knowledge to protect against web supply chain attacks and enhance your organization's cybersecurity posture.

Syllabus

'Who allowed you to do that?' Detecting and Controlling Rogue Third-Party Scripts - Brad Burkle


Taught by

LASCON

Related Courses

Security Principles
(ISC)² via Coursera
A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera
FinTech for Finance and Business Leaders
ACCA via edX
Access Control Concepts
(ISC)² via Coursera
Access Controls
(ISC)² via Coursera