Best practices for securing the software application supply chain

As server-side security advances, more attackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side supply chain.

Unfortunately, because of these attacks’ sophisticated and subtle nature, they can be hard to detect until it’s too late.

In this Help Net Security video, Uri Dorot, Sr. Security Solutions Lead at Radware, discusses how without proper client-side protection, organizations are flying blind.

Companies are exposing end users — along with personally identifiable information, and credit card and login data — to third-party services embedded in their business applications and over which they lack visibility and control. This opens the door to various security threats, including formjacking, Magecart, card skimming, payment and digital skimming, Javascript skimmers, e-skimming, and DOM XSS attacks.

Uri offers some “must-do’s” when securing the data path between an end user’s browser and third-party services in the application supply chain. He also shares some solutions “must-haves.”