Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Content provided by ITSPmagazine, Sean Martin, and Marco Ciappelli. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ITSPmagazine, Sean Martin, and Marco Ciappelli or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to ITSPmagazine Podcast Network
Welcome to Catalyst, the Launch by NTT DATA Podcast. Catalyst is an ongoing discussion for digital leaders dissatisfied with the status quo and optimistic about what’s possible through smart technology and great people. In this studio we believe in shipping software over slideware, that fast will follow smooth, and aiming to create digital experiences that move millions is a worthy pursuit.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Learn how people are using AI at work to collaborate, find focus, and get stuff done—not at some point in the future, but today. Hear founders, researchers, and engineers talk about the problems they’re solving with the help of new and emerging AI tools, and how AI can help you spend more time on the work that matters most.
…
continue reading
A podcast about web design and development.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Tom Merritt, Sarah Lane and the team help you stay up to date with independent, authoritative and trustworthy tech news. Become a member at https://plus.acast.com/s/dtns. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
The Android podcast for everyone. A weekly show about Android, Google, and the best of mobile technology.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
JavaScript is Often the Most Common Resource to be Compromised and Exploited | Let's See How Client-Side Security Can Help Successfully Navigate the Application Threat Landscape | An Imperva Brand Story with Lynn Marks: Sr. Product Manager
Manage episode 405059457 series 2972571
Content provided by ITSPmagazine, Sean Martin, and Marco Ciappelli. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ITSPmagazine, Sean Martin, and Marco Ciappelli or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Understanding the complexities around client-side security is more important than ever. As businesses and individuals, we are all 'people of the web', and protecting web transactions and user-data becomes our collective responsibility. On this episode of the Brand Story Podcast, hosts Sean Martin and Marco Ciappelli discuss these complexities with Lynn Marks, Senior Product Manager from Imperva.
The conversation begins with a key question: What is client-side protection?
Marks explains that modern engineering teams often place much of the applicational logic into the client-side, utilizing third-party JavaScript extensively. But as the prevalence of JavaScript increases, so does its vulnerability to being hijacked. A major concern is ‘form-jacking,’ where bad actors compromise JavaScript to skim sensitive information one record at a time. Due to the slow, low, and under-the-radar nature of these attacks, they often go unnoticed, emphasizing the need for proactive detection and robust prevention methods.
Marks highlights that many organizations are currently blind to these client-side attacks and require visibility into their online activity. This is where Imperva’s Client-Side Protection product comes in. It enables organizations to start gaining visibility, insights, and the ability to either allow or block the execution of certain actions on their client-side applications. The goal is to streamline their compliance processes, manage the auditing stages effectively, and facilitate them to make data-driven, informed decisions.
Marks also discusses the importance of adhering to PCI-DSS (Payment Card Industry Data Security Standard)—specifically version 4.0. As this standard applies to all organizations processing payment information, it plays a significant role in helping organizations build programs capable of combating these attacks. Imperva’s Client-Side Protection product aligns with this framework, providing necessary visibility and insights while streamlining the auditing and compliance processes.
For Imperva WAF customers, the Imperva client-side solution can be activated with just one click, removing any constraints and giving back control to the security teams. As organizations implement these security measures into their regular processes, they gain the ability to forecast and manage potential threats better.
Maintaining client-side security is undoubtedly a complex task, especially with the ever-increasing and evolving use of JavaScript. However, with comprehensive visibility, robust solutions, and readily-available compliance with industry standards, organizations can efficiently manage these threats and ultimately protect the end-users. By fostering a proactive stance towards cybersecurity, we can maintain the integrity of our online experiences and embrace our roles as responsible people of the web.
Top Questions Addressed
- What is client-side protection?
- How can an organization protect itself against client-side attacks?
- What is the role of Imperva's Client Side Protection product in combating client-side security threats?
Note: This story contains promotional content. Learn more.
Guest: Lynn Marks, Senior Product Manager at Imperva [@Imperva]
On Linkedin | https://www.linkedin.com/in/lynnmarks1/
Blog | https://thenewstack.io/author/lynn-marks/
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Guide: The Role of Client-Side Protection: https://itspm.ag/impervlttq
Catch more stories from Imperva at https://www.itspmagazine.com/directory/imperva
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
614 episodes
Share
Manage episode 405059457 series 2972571
Content provided by ITSPmagazine, Sean Martin, and Marco Ciappelli. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ITSPmagazine, Sean Martin, and Marco Ciappelli or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Understanding the complexities around client-side security is more important than ever. As businesses and individuals, we are all 'people of the web', and protecting web transactions and user-data becomes our collective responsibility. On this episode of the Brand Story Podcast, hosts Sean Martin and Marco Ciappelli discuss these complexities with Lynn Marks, Senior Product Manager from Imperva.
The conversation begins with a key question: What is client-side protection?
Marks explains that modern engineering teams often place much of the applicational logic into the client-side, utilizing third-party JavaScript extensively. But as the prevalence of JavaScript increases, so does its vulnerability to being hijacked. A major concern is ‘form-jacking,’ where bad actors compromise JavaScript to skim sensitive information one record at a time. Due to the slow, low, and under-the-radar nature of these attacks, they often go unnoticed, emphasizing the need for proactive detection and robust prevention methods.
Marks highlights that many organizations are currently blind to these client-side attacks and require visibility into their online activity. This is where Imperva’s Client-Side Protection product comes in. It enables organizations to start gaining visibility, insights, and the ability to either allow or block the execution of certain actions on their client-side applications. The goal is to streamline their compliance processes, manage the auditing stages effectively, and facilitate them to make data-driven, informed decisions.
Marks also discusses the importance of adhering to PCI-DSS (Payment Card Industry Data Security Standard)—specifically version 4.0. As this standard applies to all organizations processing payment information, it plays a significant role in helping organizations build programs capable of combating these attacks. Imperva’s Client-Side Protection product aligns with this framework, providing necessary visibility and insights while streamlining the auditing and compliance processes.
For Imperva WAF customers, the Imperva client-side solution can be activated with just one click, removing any constraints and giving back control to the security teams. As organizations implement these security measures into their regular processes, they gain the ability to forecast and manage potential threats better.
Maintaining client-side security is undoubtedly a complex task, especially with the ever-increasing and evolving use of JavaScript. However, with comprehensive visibility, robust solutions, and readily-available compliance with industry standards, organizations can efficiently manage these threats and ultimately protect the end-users. By fostering a proactive stance towards cybersecurity, we can maintain the integrity of our online experiences and embrace our roles as responsible people of the web.
Top Questions Addressed
- What is client-side protection?
- How can an organization protect itself against client-side attacks?
- What is the role of Imperva's Client Side Protection product in combating client-side security threats?
Note: This story contains promotional content. Learn more.
Guest: Lynn Marks, Senior Product Manager at Imperva [@Imperva]
On Linkedin | https://www.linkedin.com/in/lynnmarks1/
Blog | https://thenewstack.io/author/lynn-marks/
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Guide: The Role of Client-Side Protection: https://itspm.ag/impervlttq
Catch more stories from Imperva at https://www.itspmagazine.com/directory/imperva
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
614 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to ITSPmagazine Podcast Network
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Welcome to Catalyst, the Launch by NTT DATA Podcast. Catalyst is an ongoing discussion for digital leaders dissatisfied with the status quo and optimistic about what’s possible through smart technology and great people. In this studio we believe in shipping software over slideware, that fast will follow smooth, and aiming to create digital experiences that move millions is a worthy pursuit.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
Learn how people are using AI at work to collaborate, find focus, and get stuff done—not at some point in the future, but today. Hear founders, researchers, and engineers talk about the problems they’re solving with the help of new and emerging AI tools, and how AI can help you spend more time on the work that matters most.
…
continue reading
A podcast about web design and development.
…
continue reading
TechStuff is a show about technology. And it’s not just how technology works. Join host Jonathan Strickland as he explores the people behind the tech, the companies that market it and how technology affects our lives and culture.
…
continue reading
Tom Merritt, Sarah Lane and the team help you stay up to date with independent, authoritative and trustworthy tech news. Become a member at https://plus.acast.com/s/dtns. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
The Android podcast for everyone. A weekly show about Android, Google, and the best of mobile technology.
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
