Detecting and Controlling Rogue Third-Party Scripts in Web Applications
Offered By: LASCON via YouTube
Course Description
Overview
Explore the critical issue of web supply chain attacks and third-party script vulnerabilities in this 49-minute LASCON conference talk. Delve into the growing security blind spot created by companies' reliance on third-party components in web applications. Learn how these scripts, operating with the same privileges as first-party code, can harvest user input, hijack events, and modify webpage behavior. Discover the risks associated with handling sensitive information like payment card data and health records in this environment. Gain insights into detecting and preventing data breaches at the browser level, which often remain undetected for months. Understand the importance of visibility and control over third-party components to assess and mitigate risks. See real-world examples of attempted data leaks from Black Friday 2021, and witness a demonstration of rogue scripts accessing sensitive data. Learn about a new data-centric approach to detect and block these threats, equipping yourself with knowledge to protect against web supply chain attacks and enhance your organization's cybersecurity posture.
Syllabus
'Who allowed you to do that?' Detecting and Controlling Rogue Third-Party Scripts - Brad Burkle
Taught by
LASCON
Related Courses
Security Principles(ISC)² via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera FinTech for Finance and Business Leaders
ACCA via edX Access Control Concepts
(ISC)² via Coursera Access Controls
(ISC)² via Coursera