Hi [[ session.user.profile.firstName ]]

Magecart: What it is, how it works, and how to prevent it

Join Instart’s VP of Technology, Peter Blum, in a fireside chat where we will discuss the latest threat “Magecart” and answer all your questions about what you can do to prevent it.

In this webinar, you will learn:
- What a Magecart attack is
- How it works
- What IT departments should do to address the threat
- What you can do to prevent it
Recorded Jul 25 2019 15 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Peter Blum, VP of Technology
Presentation preview: Magecart: What it is, how it works, and how to prevent it

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Capital One breach: AWS SSRF is a feature not a bug Recorded: Aug 30 2019 11 mins
    Andy Wyatt, Sr. Technologist at Instart
    In July 2019, Paige Thompson, a former Amazon employee, was arrested for the Capital One breach that affected over 100 million customers who had applied for a credit card with Capital One.

    While the focus of the breach was initially on Capital One, investigations are now being undertaken by numerous other organizations following evidence of data exfiltration. As investigations continue, businesses need to understand what happened to Capital One, so they can ensure an attack like theirs doesn’t happen to them.

    Join Instart's Sr. Technologist, Andy Wyatt, to discuss:

    -What happened during the Capital One breach
    -The key takeaways your business can learn from this breach
    -Why Instart's web application firewall can make a difference in preventing a breach like this
  • How to prevent formjacking and data skimming from compromising security Recorded: Aug 28 2019 15 mins
    Andy Wyatt, Sr. Technologist at Instart and Bob Fornesi, Director of Customer Success at Instart
    Join Instart’s Sr. Technologist, Andy Wyatt, and Director of Customer Success, Bob Fornesi, to discuss how formjacking and data skimming can introduce vulnerabilities to your web app.

    In this webinar, you will learn:
    -The most common problems associated with formjacking and data skimming
    -Supply chain attack vectors and how to prevent them
    -Why your existing security tools don’t help
    -How Instart protects websites from attacks to third-party JavaScript
  • 5 steps to secure your web apps against top web security attacks Recorded: Aug 22 2019 37 mins
    Jon Wallace, Technologist at Instart
    Join Instart’s Technologist, Jon Wallace, in the first episode of our Web App Security Expert webinar series to discuss the five steps you can take to secure your web apps against today’s top security threats.

    You’ll learn about the:
    -Top four key recent web application attack trends
    -State of the modern web application
    -Five steps to secure your web apps
    -How Instart protects your web apps from the origin to the browser
  • Magecart: What it is, how it works, and how to prevent it Recorded: Jul 25 2019 15 mins
    Peter Blum, VP of Technology
    Join Instart’s VP of Technology, Peter Blum, in a fireside chat where we will discuss the latest threat “Magecart” and answer all your questions about what you can do to prevent it.

    In this webinar, you will learn:
    - What a Magecart attack is
    - How it works
    - What IT departments should do to address the threat
    - What you can do to prevent it
  • 7 common web application security attacks & what you can do to prevent them Recorded: Jul 18 2019 63 mins
    Jon Wallace, Technologist at Instart
    Join Instart Technologist, Jon Wallace, to learn about the seven most common website and web application attacks and how you can prevent them with the right preparation.

    Anyone who operates a website should be concerned about security, especially the security of your sensitive customer information. However, unless you keep an ear to the ground about security news, it is often only the most high profile or sophisticated attacks that you actually hear about. The reality is that common, low level attacks are executed every single day against websites and web applications. There is a reason the OWASP top 10 hasn’t changed in years. The good news is these types of attacks are preventable with the right preparation.


    In this webinar, you will learn:

    -What motivates hackers
    -What makes an application a target
    -What are the seven most common website and web application attacks
    -How you should protect your web apps
  • What British Airways teaches us about web skimming attacks & avoiding GDPR fines Recorded: Jul 12 2019 13 mins
    Andy Wyatt, Sr. Technologist at Instart
    Recently, the first GDPR fine was imposed against British Airways for the Magecart breach of its website. Shocking news to the world, this huge hit cost British Airways 1.5% of their 2017 revenues. As one of the most common web threats, it's come time for organizations to develop a strategy for dealing with web skimming attacks like Magecart.

    Join our security expert, Andy Wyatt, and learn:
    -What is a web skimming attack
    -What is your responsibility as a website owner
    -How to avoid GDPR fines related to web skimming
  • Why security teams need a Magecart plan Recorded: Jul 12 2019 18 mins
    Andy Wyatt, Sr. Technologist at Instart
    It was only last year when British Airways failed to prevent a data breach leading to a $230 million fine. And now, news has broken that over 900 eCommerce sites were recently compromised by a Magecart attack in a digital skimming campaign. As hackers continue to exploit vulnerabilities exposed in eCommerce platforms and third party tools that allows Magecart access to a site, organizations need to take the next step to ensure their customers' data is secure.

    Join Andy Wyatt, Sr. Technologist, to learn:

    -Why Magecart is so dangerous
    -Why companies need a prevention plan for Magecart
    -How to prevent Magecart from stealing your customers' data
  • Common web security challenges and the data behind them Recorded: Jun 25 2019 48 mins
    VP, Research Director at Forrester Research, Amy DeMartine and Chief Customer Officer at Instart, Mitch Parker
    Join VP, Research Director at Forrester Research, Amy DeMartine and Chief Customer Officer at Instart, Mitch Parker, to learn how you should be thinking about web app security as the web continues to evolve.

    In this webinar, you will learn:
    -About the changing threat landscape of modern web apps based on analyst provided data
    -Where your security teams should be spending their time
    -How attacks are becoming more sophisticated and harder to differentiate from real human traffic
    -How existing CDN and edge architectures fall short of protecting your web applications
    -Why going beyond the edge, and into the browser, is the only way to prevent sophisticated attacks
    -How Instart is the only platform to combine an intelligent cloud service with a browser virtualization layer for complete visibility and protection against both application threats as well as emerging threats
  • Preventing web skimming attacks like Magecart Recorded: May 22 2019 36 mins
    Andy Wyatt, Sr. Product Marketing Manager, Instart
    Regardless of how web skimmers infect your website, preventing your customer's personal information like credit card numbers, social security numbers, passwords and more from being skimmed is the only way to actually protect your website and your customers.

    In this webinar, we’ll cover:

    -How web skimming attacks like Magecart work and how they are notably different than traditional breaches
    -How this vulnerability is impossible to solve with the current security tools and infrastructure
    -Why preventing data exfiltration from the browser is the only way to fully protect yourself from web skimming attacks.
  • Going beyond “reasonable security measures” to align with CCPA and GDPR Recorded: May 16 2019 44 mins
    Andy Wyatt, Senior Technologist
    Don’t let third-party code (continue to) steal your customer information.

    While 2018 was the year of GDPR, the new California Consumer Privacy Act (CCPA) is coming in 2020 and chances are your web apps are still not fully compliant. Both of these privacy regulations require that businesses take adequate precautions to protect customer information and prevent unauthorized access. Unfortunately, third-party tags or scripts in your web apps make it difficult to comply with this requirement.
    All third-party code included in your web apps executes in the browser and has access to the same cookies and form fields that your first-party code does, leaving your customers’ data at risk for exfiltration through formjacking or cookie stealing. If you don’t take steps to prevent third parties from accessing sensitive information that customers enter on your website, you won’t be compliant, and worse yet, could see massive fines in line with what British Airways experienced.

    The unfortunate reality is that the web was not built with privacy in mind, but there are ways to secure your customer data.


    In this webinar, we’ll cover:

    - The current ‘backdoors’ that exist in your web apps due to third-party code
    - Why existing tag management and security measures are not enough
    - How to defend customer information from being leaked by your web apps
  • Understanding the 3rd-, 4th-, and 5th- party calls your website makes Recorded: May 15 2019 42 mins
    Andy Wyatt, Senior Product Marketing Manager, Instart
    How to audit your current website and tags for potential third-party issues.

    The nature of JavaScript is that all code — both first- and third-party, shares all the same resources, has access to all the same data, and has use of all the same variables.

    Third-party services are a great way to add functionality, but it’s crucial to have visibility and control over them to ensure they don’t impact the performance, reliability, or security of your site. Do you worry about the performance and security risks third-party services may pose for your users? Are you struggling with finding and addressing issues due to third-party outages, variable collisions, JavaScript errors, and other third-party service reliability concerns? Have you been reading about the Magecart attacks and wondering how to prevent them?

    In this webinar, you'll learn about:

    - Common issues third-party services cause
    - How to audit your website and third-party services for potential issues
    - What can be done when a third-party service causes a performance, reliability or security issue
  • Your modern website needs a modern CDN Recorded: Apr 25 2019 39 mins
    Andy Wyatt, Senior Product Marketing Manager, Instart
    Delivering exceptional web experiences today requires a CDN that can go beyond the edge, and actually give you control and optimizations in the browser.

    As the web quickly changes, your customers expect more secure and performant web experiences. It’s crucial that your CDN does more than just cache static files and be available all around the world.

    The truth is, almost 50% of the requests an average website makes comes from a third party, which means a traditional CDN is only delivering half of your web experience. On top of that, the browser, not the edge, is becoming the point where optimizations and control need to be applied to give every user a great experience with your website.

    In this webinar, we’ll cover:

    - What makes up a modern website: public cloud, third-party tags, and dynamic content all coming together in the browser
    - Why modern websites need more than just caching and delivery to enable exceptional customer experiences
    - What optimizations and controls you should be looking for in a modern CDN
  • Preventing Magecart—stopping the exfiltration of sensitive data from the browser Recorded: Mar 14 2019 38 mins
    Andy Wyatt, Sr. Product Marketing Manager, Instart
    Regardless of how Magecart infects your website, preventing your customers' credit card numbers from being skimmed is the only way to actually protect your website and your customers.

    Looking at Magecart through the lens of E-Commerce, in this webinar you will learn:
    - What the Magecart vector of attack is and how it is notably different than traditional breaches
    - How this vulnerability is impossible to solve with the current security tools and infrastructure
    - Why preventing data exfiltration from the browser is the only way to fully protect yourself from Magecart
  • Third-party JavaScripts are out of control Recorded: Feb 24 2019 26 mins
    Andy Wyatt, Sr. Product Marketing Manager, Instart
    An introduction to Instart Web Skimming ProtectionTag Control

    Are you interested in how to best control the performance, reliability, and security of your websites? Join us for a brief webinar on how Instart Web Skimming Protection can give you visibility and control of all your third-party services as they come together with your first-party code, at runtime, in the browser.

    In this webinar, you'll learn about:
    -Common problems related to performance, reliability, and security introduced by third-party services
    -How to gain visibility into how and when third-party JavaScript are loading and what controls you should have in place for them
Webcasts to learn how to enhance web performance and ad viewability.
Instart’s digital experience automation solution helps leading brands around the world deliver amazing web experiences to more than 250 million customers a day. Through its revolutionary DX Cloud product line, Instart continuously analyzes customers’ point of experience to provide ultra-fast, visually immersive, and highly secure digital experiences on any device. Learn more at www.instart.com or follow us on Twitter at @Instart.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Magecart: What it is, how it works, and how to prevent it
  • Live at: Jul 25 2019 6:00 pm
  • Presented by: Peter Blum, VP of Technology
  • From:
Your email has been sent.
or close