SRI - Scott Helme

PCI DSS 4.0; It's time to get serious on Magecart

The latest version of PCI DSS just dropped and it's really awesome to see that one of the most notorious threats that we face online when it comes to payment...

Magecart are coming for you, are you ready?

Free Post

CSP

Magecart are coming for you, are you ready?

We've seen a few notable news events this year along the same lines. Major websites have suffered serious breaches not because they were hacked, but because of a compromise in...

Protect your site from Cryptojacking with CSP + SRI

Free Post

CSP

Protect your site from Cryptojacking with CSP + SRI

We saw a pretty big event take place over the weekend where a 3rd party provider was compromised and their JS library was altered. The alteration introduced a crypto mining...

Free Post

CSP

Enforcing the use of SRI

Subresource Integrity is an awesome security feature that allows us to ensure that assets served by a CDN haven't been tampered with. Now, thanks to a new directive in CSP,...

Free Post

SRI

Subresource Integrity: Securing CDN loaded assets

Most sites on the Internet these days load some kind of content from a CDN, usually JS and CSS. Whilst this comes with great performance boosts and savings on bandwidth, we're trusting that CDN to load content into our pages, content that could possibly...