SRI - Scott Helme

Magecart are coming for you, are you ready?

We've seen a few notable news events this year along the same lines. Major websites have suffered serious breaches not because they were hacked, but because of a compromise in...

Protect your site from Cryptojacking with CSP + SRI

Free Post

CSP

Protect your site from Cryptojacking with CSP + SRI

We saw a pretty big event take place over the weekend where a 3rd party provider was compromised and their JS library was altered. The alteration introduced a crypto mining...

Free Post

CSP

Enforcing the use of SRI

Subresource Integrity is an awesome security feature that allows us to ensure that assets served by a CDN haven't been tampered with. Now, thanks to a new directive in CSP,...

Free Post

SRI

Subresource Integrity: Securing CDN loaded assets

Most sites on the Internet these days load some kind of content from a CDN, usually JS and CSS. Whilst this comes with great performance boosts and savings on bandwidth, we're trusting that CDN to load content into our pages, content that could possibly...