Are You Ready for PCI DSS 4.0?
The Payment Card Industry Data Security Standard (PCI DSS) is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. In 2022, PCI DSS introduced its version ... Read More
Shifting from reCAPTCHA to hCaptcha
We are adding another CAPTCHA vendor and helping our customers migrate from Google’s reCAPTCHA to hCaptcha. Why We Are Making This Change We continuously evaluate our security measures to ensure they align with the evolving landscape of threats. After carefully evaluating several different CAPTCHA providers, including rigorous testing by our ... Read More
Are HTTP Content-Security-Policy (CSP) Headers Sufficient to Secure Your Client Side?
Modern web frameworks have shifted business logic from the server side to the client side (web browser), enhancing performance, flexibility, and user experience. However, this move introduces security and privacy concerns, as exposing sensitive logic and data can lead to vulnerabilities like code injections and data tampering. Proper data handling ... Read More
Is Web Scraping Illegal? Depends on Who You Ask
Web scraping has existed for a long time, and depending on who you ask, it can be loved or hated. But where is the line drawn between extracting data for legitimate business purposes and malicious data extraction that hurts business? The bar is getting blurrier by the day, and the ... Read More
Five Takeaways from Black Friday & Cyber Monday Cyber Attacks
The online retail industry is one of the prime targets for cybercrime, as detailed in our annual analysis of the cybersecurity threats targeting eCommerce websites and applications. As the 2023 holiday shopping season continues, Imperva Threat Research is closely monitoring how cybercriminals are trying to disrupt and cause chaos for ... Read More
Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season
As the holiday season approaches, a palpable sense of joy and anticipation fills the air. Twinkling lights adorn homes, the aroma of freshly baked cookies wafts through the kitchen, and the sound of laughter and carolers’ melodies resonate on frosty evenings. It’s a time when families come together, cherished traditions ... Read More
The Dark Side of Web Development: Why You Should Be Prioritizing Shadow Code
In the fast-paced world of web development, staying ahead of the curve is paramount, as developers are frequently under pressure to deliver products and functionalities quickly and efficiently. To meet accelerated timelines, they often leverage third-party scripts and open-source libraries, expediting the development process and enhancing the application’s functionality. However, ... Read More
Imperva Offers New Features to Simplify PCI DSS Compliance
The Silent Threat of Client-Side Attacks As more transactions move online, a silent threat is lurking in the deepest, darkest shadows of websites, threatening to steal your sensitive data. This rapidly evolving threat, known as client-side attacks such as Magecart, formjacking, and online skimming, is capable of quietly acquiring a ... Read More
How Ticket Scalping Impacts Asia’s Live Entertainment Industry
Asia’s booming live entertainment industry has recently been plagued by a growing problem of ticket scalping. The term refers to the act of purchasing live event tickets in bulk by individuals, often through the use of automation (aka bots), to later resell them at exorbitant prices. The issue isn’t isolated ... Read More
Preventing Bot Attacks and Online Fraud on APIs
The rapid proliferation of Application Programming Interfaces (APIs) is spearheading digital transformation, leading to explosive growth in adoption of APIs in recent years. In fact, it’s hard to think of any software that doesn’t use or is in itself, an API. By supporting swift development and deployment, they help developers ... Read More
