This segment will be an opportunity to discuss web application client-side security with subject matter expert Matt McGuirk from Source Defense. Modern web applications have a massive and misunderstood attack surface that exists within the web pages they serve.
Potential discussion topics:
- A visual overview of the problem
- A simulated client-side attack
- How to evaluate client-side risk on a given website
- What technologies are available to defend against client-side attacks
- Historical case studies of landmark attacks
Segment Resources:
"Magecart 101" - a courseware-style overview of the problem for security practitioners: https://www.youtube.com/watch?v=T4al8idAE_M
A quick five-minute explainer of the problem and Source Defense's solution: https://www.youtube.com/watch?v=f8MO45EQcKY
Source Defense's brand new (as of 5/25/22) "State of the Industry" report for client-side security: https://info.sourcedefense.com/third-party-digital-supply-chain-report-white-papere This segment is sponsored by Source Defense. Visit https://securityweekly.com/sourcedefense to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw743