Blog

Industry News, Insights and Resources

The latest industry news, interviews, technologies, and resources.

Featured blog posts

Threat Feeds In The AI Era

Here’s what threat feeds are, and why they’re only a small cog in the cyber security machine in 2024. We also share the more complete solution to protect yourself from cyber attacks.

PCI DSS 4.0 complete guide and steps

PCI DSS 4.0 is built on six foundational principles aimed at fostering a secure environment for people making (and those facilitating) online transactions. Let's dive into all of them and see how you can be fully compliant.

Why you can trust c/side

Script security is our bread and butter. For lots of vendors, serving the script is just a part of their product. We put care and attention to detail into how we proxy, store and process scripts. We work to cover the blind spots that others might have missed.

The BrowseAloud Supply-Chain Attack: A Case Study in Cryptojacking

In February 2018, over 4,000 websites, including high-profile government bodies like the UK's Information Commissioner’s Office (ICO), fell victim to the BrowseAloud attack. This was not just another cybersecurity breach; it was a potent reminder of the hidden dangers of third-party scripts in our increasingly interconnected digital ecosystems. ...

Why CSPs Are Not Enough

Content Security Policies (CSPs), scoped and promoted by the W3C, offer a browser-side feature designed to enhance web security. If implemented correctly, with specific rules per page, they can provide substantial security benefits. However, in practice, they tend to be cumbersome to set up, frequently break during local development, ...

Ticketmaster Data Breach Déjà Vu: What You Need to Know

Yesterday, on May 29, 2024, news broke of an alleged data breach involving Ticketmaster, a prominent ticket sales and distribution company. The breach, reportedly executed by ShinyHunters, is claimed to have exposed the personal information of over 500 million customers. This breach includes sensitive data such as emails, ...

Supply Chain Risk Doesn’t End At NPM

Supply chain attacks are a top-of-mind problem today. The number of these attacks in the US increased by 115% between 2022 and 2023, according to Statista. Tools like Socket and Coana detect harmful code in registries like NPM. But the supply chain risk doesn’t end there. However, ...

Kaiser Permanente Data Leak: A Case of Miscommunication and Inadequate Disclosure

On April 29th, healthcare giant Kaiser Permanente disclosed a data leak impacting 13.4 million current and former insurance members. The incident was rooted in improperly managed 3rd party scripts. The Incident: Kaiser Permanente used tracking codes to monitor how its members navigated through its website and mobile applications. Some ...

Jscrambler Webpage Integrity vs c/side

Unlike other competitors, which provide a form of browser-side security almost as an afterthought, Jscrambler’s focus is similar to ours at c/side.

Akamai Page Integrity Manager vs c/side

Akamai Page Integrity Manager vs c/side. Which is better?

Imperva Client-side Protection vs c/side

Let’s take an honest look at the features of Imperva’s Client-side Protection product vs c/side.

Cloudflare Page Shield vs c/side

This article takes an honest look at the features of Cloudflare Page Shield vs c/side.

The 2021 cdnjs Vulnerability in Detail

Checking 3rd party script sources is great, but not enough. That’s what the world learned in 2021, when a massive vulnerability in Cloudflare’s cdnjs got noticed. Here’s the rundown of what happened, and how. Cdnjs is one of the most commonly used JavaScript Content Delivery Networks (CDNs) of today. ...

The risk of only protecting your payment portals from 3rd party javascript attacks

At this time, only payment portals are required to have a system to keep 3rd party JavaScript in check. But, there’s still a data breach risk if you don’t secure all pages.
