A New York special: NYDFS cybersecurity regulation (23 NYCRR 500)

23 NYCRR 500, also known as NYDFS Cybersecurity Regulation, is a law issued by the New York State Department of Financial Services (NYDFS) that mandates the enforcement of optimal data security standards to safeguard websites and apps. 23 NYCRR 500 […]
In Retrospect: The SolarWinds Attack

The recently exposed SolarWinds supply chain attack is one of the biggest cybersecurity events in recent memory. It created a ripple effect that will be felt for years to come on a global scale. Third-party security will never be the […]
Achieving CCPA with Third-Party Application Security

The California Consumers Protection Act 2018, also known as CCPA, is a consumer privacy law passed by the State of California to give eCommerce, Online Finance/Banking, and eService users more information and control over how their personal information is being […]
3 Web Third-Party Related Events You Don’t Want to Miss from December 2020

3 Web Third-Party Security Related Events You Don’t Want to Miss: January 2021

2020 concluded with a flurry of cybersecurity incidents and developments that are making companies rethink their third-party application security strategy. The legal consequences of regulatory hiccups, financial implications of data breaches, and the poor state of third-party application security in […]
The ICO Fines Ticketmaster UK £1.25 Million for Security Failures: A Lesson to be Learned

Ticketmaster UK, a leading ticketing company and part of Ticketmaster, has been fined £1.25 million by the Information Commissioner’s Office (ICO) as it failed to protect customer data during the infamous February 2018 data breach. The company is still not taking ownership of the breach, caused by a third-party ...
Content Security Policy (CSP): Not Exactly a Magecart Vaccine

With millions of buyers escalating their online activity ahead of Black Friday and the holiday season, it’s important for eCommerce websites and online businesses to combat Magecart and web-skimming issues in a proactive and relentless manner. Can the proven and tested Content Security Policy (CSP) get the job done? Without ...
Black Friday and Cyber Monday are coming

How Black Friday and Cyber Monday Can Go From a Retailer’s Dream Into a CISO’s Worst Nightmare

The shopping season, which begins on Black Friday and rolls over to Cyber Monday, is actually one of the most critical times for online retailers. During this period promotions are offered, new products are launched, and the shopping websites themselves invest all their resources to increase the volume of purchases. Unfortunately, ...
Port-scanning

Why and How are Enterprise Companies, Like eBay, Actively Port-scanning End-users’ Computers From Their Websites

You might have recently heard that eBay is performing port scanning while online shoppers are visiting its website. At first glance, this will probably sound a bit strange, as port scanning is an internal network action. As such, it is designed to detect services and should not be related to ...
Taking Third-Party Application Security to the Next Level: Reflectiz' Multiple Website Dashboard

Taking Third-Party Application Security to the Next Level: Version 2.8’s Multiple Website Dashboard

Version 2.8 Goes LIVE! Almost any organization today uses dozens of websites and subdomains. Each provides essential functions and uses dozens of third-party apps and tags to produce its capabilities. Those assets are managed by multiple teams on the enterprise level and medium-large organizations, requiring different conduct and high-level attention ...
The Cybersecurity Effects of Fourth-Parties on Websites

Fourth-party apps on websites are commonly referred to as “the vendor’s vendor code”. Fourth-party apps may offer additional benefits, but at the same time they also carry a set of threats while running on your websites. For your users, they are all first parties. In this article, we will refer ...