Website Security Standards - Tagged - Security Boulevard

Google fights DOM XSS with Trusted Types

DOM-based cross-site scripting (DOM XSS) attacks are one of the most prevalent and dangerous web security vulnerabilities. In DOM XSS attacks, malicious code is executed inside the browser, making them particularly difficult ...

Defense in depth: iFrame Sandboxing and Feature Policy

Web integrations and rich user experience present cybercriminals with an ever-expanding surface to attack. Key new features in Tala’s solution will broaden your defenses ...

When is a “CSP bypass” not a CSP bypass?

You may have seen the news last week, but if you haven’t, let me bring you up to speed. The research team at PerimeterX disclosed a “CSP bypass” involving the use of ...

When is a CSP bypass not a CSP bypass?

You may have seen the news last week, but if you haven’t, let me bring you up to speed. The research team at PerimeterX disclosed a “CSP bypass” involving the use of ...