Understanding Web Application Client-Side Risk - Matt McGuirk - ESW #276

<p>Web applications have a new and dangerous security gap which requires attention: client-side security. The code and content that a web application delivers into a web browser is a ripe attack surface and requires different consideration, tools, and knowledge than required by traditional web application security. This segment will explore what client-side security is, why client-side attacks are so dangerous, and what options are available to defend ourselves from this new threat.</p> <p> </p> <p>Segment Resources:</p> <p>"Magecart 101" - a courseware-style overview of the problem for security practioners: <a href= "https://www.youtube.com/watch?v=T4al8idAE_M">https://www.youtube.com/watch?v=T4al8idAE_M</a></p> <p>A quick five minute explainer on the problem and Source Defense's solution: <a href= "https://www.youtube.com/watch?v=f8MO45EQcKY">https://www.youtube.com/watch?v=f8MO45EQcKY</a></p> <p>Source Defense's brand new (as of 5/25/22) "State of the Industry" report for client-side security: <a href= "https://info.sourcedefense.com/third-party-digital-supply-chain-report-white-paper"> https://info.sourcedefense.com/third-party-digital-supply-chain-report-white-paper</a></p> <p> </p> <p>This segment is sponsored by Source Defense. Visit <a href= "https://securityweekly.com/sourcedefense">https://securityweekly.com/sourcedefense</a> to learn more about them!</p> <p> </p> <p>Visit <a href= "https://www.securityweekly.com/esw">https://www.securityweekly.com/esw</a> for all the latest episodes!</p> <p>Show Notes: <a href= "https://securityweekly.com/esw276">https://securityweekly.com/esw276</a></p>