Website Security Standards Archives

Hot Topics

Google fights DOM XSS with Trusted Types

Surabhi Sinha, Product Manager | July 15, 2021 | Application Security, AppSec, Technical Content, Web Security Standards, Website Security, Website Security Standards

DOM-based cross-site scripting (DOM XSS) attacks are one of the most prevalent and dangerous web security vulnerabilities. In DOM XSS attacks, malicious code is executed inside the browser, making them particularly difficult ...

Tala Blog

Defense in depth: iFrame Sandboxing and Feature Policy

Deepika Gajaria, Senior Director, Product Management | August 11, 2020 | Website Security Standards

Web integrations and rich user experience present cybercriminals with an ever-expanding surface to attack. Key new features in Tala’s solution will broaden your defenses ...

Tala Blog

When is a “CSP bypass” not a CSP bypass?

Michael Rogers | July 8, 2020 | Website Security Standards

You may have seen the news last week, but if you haven’t, let me bring you up to speed. The research team at PerimeterX disclosed a “CSP bypass” involving the use of ...

Tala Blog

When is a CSP bypass not a CSP bypass?

Michael Rogers | July 8, 2020 | Website Security Standards

You may have seen the news last week, but if you haven’t, let me bring you up to speed. The research team at PerimeterX disclosed a “CSP bypass” involving the use of ...

Tala Blog