Hi [[ session.user.profile.firstName ]]

Holiday Readiness and the Shadow Code Risk

Studies show that up to 70% of the scripts running on a typical website are third-party, which in turn call other scripts creating an extensive digital supply chain. These scripts and libraries introduce Shadow Code into the application which alters its security posture and vastly expands the attack surface. The recent succession of digital skimming and Magecart attacks on the client-side of web applications are one such consequence of Shadow Code.

Paradigms like CI/CD, DevOps and DevSecOps enable a faster app development pipeline but make it harder to meet information security standards and data privacy requirements. However, security and innovation do not need to be at odds.

Key Takeaways:

1. Things to know about the Shadow Code and the negative impacts to your applications before the holiday shopping rush
2. Findings from a 2020 Survey on scope and impacts of Shadow Code in web applications
3. Strategies to manage Shadow Code risk using a trust but verify model
Recorded Sep 2 2020 36 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Ameet Naik, PerimeterX; Alexandra Brown, RH-ISAC
Presentation preview: Holiday Readiness and the Shadow Code Risk

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 5 Key Cybersecurity Insights to Gauge your Security Posture Sep 15 2021 5:00 pm UTC 52 mins
    Steve Piper, Founder and CEO at CyberEdge; Kim DeCarlis, CMO at PerimeterX
    PerimeterX is proud to announce Analyst Hour, a new interactive series of talks to help you get the latest cybersecurity insights from top researchers and analysts.
    To kick off the first episode we invited the founder and CEO of CyberEdge Group Steve Piper.
    With the April 21 release of the Cyberthreat Defense Report 2021, Steve and PerimeterX CMO, Kim DeCarlis, will have plenty to talk about, including the findings from the report and industry trends.

    Join our live session on May 27 to hear about the key insights from this year’s report, including:
    - The weakest links and main concerns in IT Security
    - Which technology was named the #1 priority on the list of technologies planned for acquisition this year
    - The security gaps in retail and financial services segments
    - How new IT security investments are being reprioritized
  • How to Protect your Digital Bank from Account Fraud Sep 7 2021 6:00 pm UTC 33 mins
    Kim DeCarlis, CMO and Uriel Maimon, Senior Director of Emerging Technologies
    For any major bank or financial institution, account fraud - also known as account takeover (ATO) or credential stuffing - is a growing threat. This is especially true since digital banking has soared during the pandemic: 52% of people have increased their use of digital banking services with millennial use even higher. Authorities have taken note with both the SEC and FBI issuing credential stuffing attack warnings to financial services firms in the fall of 2020.

    During this webinar, we will talk about a proactive approach that digital bank operators can take to provide the best - and safest - experience for their account holders. Join us live on June 3 to:

    Learn how to spot automated account fraud
    Understand techniques to stop account fraud
    Hear how a top regional bank faced this challenge head on, and managed rapid digital growth while fending off an increase in attacks
  • The Top 3 Takeaways from the Automated Fraud Benchmark Report Aug 31 2021 5:00 pm UTC 34 mins
    Kim DeCarlis, CMO at PerimeterX; Liel Strauch, Director of Security Research
    The PerimeterX Automated Fraud Benchmark Report is an annual survey of the web app traffic and threat patterns experienced by some of the largest and most respected brands in retail e-commerce.
    During this webinar PerimeterX director of Security Research, Liel Strauch will dive into the hidden behaviors and notable trends that impact e-commerce retailers. The findings are taken from anonymous data captured from online interactions of millions of consumers and hundreds of millions of bots during 2020.
    Join the live discussion to get the unique insights and learn:
    - What you need to do to adapt to the new environment of higher automated fraud activity
    - Tips to help you proactively plan for future trends and traffic spikes
    - Best practices for securing your e-commerce platform and your customer experience
  • Tech Talk Episode 2: Finding Malicious JavaScript that Compromises Your Code Aug 25 2021 6:00 pm UTC 34 mins
    Amir Shaked, SVP R&D, Avishai Shafir, Director of Cybersecurity Strategy
    Software engineers focus on releasing software as fast as possible. To speed up the process, development teams often take advantage of modular code from open-source repositories, third-party vendor scripts or common libraries that are freely available. Unfortunately, this could end up unintentionally introducing malicious JavaScript that may expose the whole environment to security vulnerabilities -- sometimes immediately or at a later time when the code’s origin has been long forgotten. This code from bad actors often hides in what many developers assume to be reputable sources.

    In this Tech Talk, we will discuss:
    -How to identify JavaScript that is malicious
    -Differences between security scanners and security monitors
    -Ways to eliminate the tension between Security Teams, DevSecOps and Developers

    You’ll walk away from this session with new ideas that you can put into practice quickly, so invite your team. The first 50 attendees will also receive a $20 gift card to use online with a PerimeterX customer.
  • TechTalk Episode 3: Securing Modern Web Apps Aug 25 2021 5:00 pm UTC 60 mins
    Ido Safruti, CTO/Cofounder in R&D and Uriel Maimon, Senior Director of Emerging Technologies
    Modern web apps that people rely upon today are different than apps were in the past. They are composed of components that perform specific tasks and microservices architectures that fully leverage the cloud. Some components and services are written by the web developer, others come from partners and yet others from open source libraries.

    This approach also means that modern web apps are no longer delivered from a single data center or cloud. They consist of a complex ecosystem of services that come together on the end user’s browser or mobile device. It is no longer practical to funnel all these services through a single monolithic policy enforcement point or gateway. Providing visibility and control of modern web applications requires a new way of thinking and new approaches.

    In this Tech Talk, PerimeterX Co-founder and CTO, Ido Safruti and Uriel Maimon, Senior Director of Emerging Technologies will discuss:

    - What is a modern web app?
    - How is protecting a modern web app different?
    - Technologies that provide visibility and control of your modern web app
  • Analyst Hour: Holiday Season Prep Aug 18 2021 5:00 pm UTC 53 mins
    Sandy Carielli, Principal Analyst, Forrester Research and Kim DeCarlis, CMO, PerimeterX
    The holiday season may be months away, but recent data shows that seasonal cyberattacks on retail e-commerce businesses have begun to start earlier every year. Attack patterns from Cyber 5 weekend — the weekend between Thanksgiving and Cyber Monday — have become more common throughout the year. And with 2020 in the rearview, there's much to learn about which attacks will be most prevalent.

    Join PerimeterX CMO, Kim DeCarlis and guest speaker, Principal Analyst, Sandy Carielli of Forrester Research as they discuss how to protect your customers and safeguard your retail e-commerce business for the 2021 holiday season — and year-round.

    Attend this webinar to find out:
    - Key takeaways from last year's holiday season
    - The latest trends in the wild world of automated attacks
    - Top tips for retailers to get ahead and prepare for 2021 Cyber 5
  • Cybersecurity and the New Normal for Your Digital Business Aug 18 2021 5:00 pm UTC 60 mins
    Uriel Maimon, Senior Director of Emerging Technologies
    In today’s digital world, a company’s website or web app is the way that consumers discover, shop and interact with a brand. Online traffic to your digital headquarters has reached new heights and so has cybercriminal activity, with sophisticated online fraud schemes and digital skimming attacks hitting the press daily. So what is the digital business leader to do?

    First, educate yourself about the threats that are hidden just under the surface of your websites and web apps. Then learn about ways to address them. This webinar will do both, including:

    -Sharing trends in traffic, automated fraud and client side attacks
    -Pointing out signs that your website or web app may have a problem
    -Discussing techniques for securing modern web apps
    -Learning how top brands have faced cybersecurity challenges head on

    Sign up today to learn how best to protect your digital headquarters from automated fraud and client-side threats.
  • Industry Trends: The New Normal for Cybersecurity Aug 5 2021 5:00 pm UTC 60 mins
    Ed Amoroso, CEO at Tag Cyber; Omri Iluz, CEO at PerimeterX
    In this second installment of PerimeterX Analyst Hour — a new series of talks featuring the latest cybersecurity insights from the top industry researchers and analysts —TAG Cyber CEO Ed Amoroso joins PerimeterX CEO Omri Iluz. In this session, you will hear their perspectives on the new normal for cybersecurity and what security and digital teams need to do to stay ahead.

    Join the live session on August 5th to learn about:

    - Trends in automated attacks and how they’ve changed
    - Recommendations for building and securing modern web apps
    - Insights on the technologies that will help keep your business moving forward
  • Analyst Hour: Holiday Season Prep with Forrester Recorded: Jul 14 2021 53 mins
    Sandy Carielli, Principal Analyst, Forrester Research and Kim DeCarlis, CMO, PerimeterX
    The holiday season may be months away, but recent data shows that seasonal cyberattacks on retail e-commerce businesses have begun to start earlier every year. Attack patterns from Cyber 5 weekend — the weekend between Thanksgiving and Cyber Monday — have become more common throughout the year. And with 2020 in the rearview, there's much to learn about which attacks will be most prevalent.

    Join PerimeterX CMO, Kim DeCarlis and guest speaker, Principal Analyst, Sandy Carielli of Forrester Research as they discuss how to protect your customers and safeguard your retail e-commerce business for the 2021 holiday season — and year-round.

    Attend this webinar to find out:
    Key takeaways from last year's holiday season
    The latest trends in the wild world of automated attacks
    Top tips for retailers to get ahead and prepare for 2021 Cyber 5
  • Tech Talk Episode 2: Finding Malicious JavaScript that Compromises Your Code Recorded: Jun 29 2021 34 mins
    Amir Shaked, SVP R&D, Avishai Shafir, Director of Cybersecurity Strategy
    Software engineers focus on releasing software as fast as possible. To speed up the process, development teams often take advantage of modular code from open-source repositories, third-party vendor scripts or common libraries that are freely available. Unfortunately, this could end up unintentionally introducing malicious JavaScript that may expose the whole environment to security vulnerabilities -- sometimes immediately or at a later time when the code’s origin has been long forgotten. This code from bad actors often hides in what many developers assume to be reputable sources.

    In this Tech Talk, we will discuss:
    -How to identify JavaScript that is malicious
    -Differences between security scanners and security monitors
    -Ways to eliminate the tension between Security Teams, DevSecOps and Developers

    You’ll walk away from this session with new ideas that you can put into practice quickly, so invite your team. The first 50 attendees will also receive a $20 gift card to use online with a PerimeterX customer.
  • The Top 3 Takeaways from the Automated Fraud Benchmark Report Recorded: Jun 8 2021 34 mins
    Kim DeCarlis, CMO at PerimeterX; Liel Strauch, Director of Security Research
    The PerimeterX Automated Fraud Benchmark Report is an annual survey of the web app traffic and threat patterns experienced by some of the largest and most respected brands in retail e-commerce.
    During this webinar PerimeterX director of Security Research, Liel Strauch will dive into the hidden behaviors and notable trends that impact e-commerce retailers. The findings are taken from anonymous data captured from online interactions of millions of consumers and hundreds of millions of bots during 2020.
    Join the live discussion to get the unique insights and learn:
    - What you need to do to adapt to the new environment of higher automated fraud activity
    - Tips to help you proactively plan for future trends and traffic spikes
    - Best practices for securing your e-commerce platform and your customer experience
  • How to Protect your Digital Bank from Account Fraud Recorded: Jun 3 2021 33 mins
    Kim DeCarlis, CMO and Uriel Maimon, Senior Director of Emerging Technologies
    For any major bank or financial institution, account fraud - also known as account takeover (ATO) or credential stuffing - is a growing threat. This is especially true since digital banking has soared during the pandemic: 52% of people have increased their use of digital banking services with millennial use even higher. Authorities have taken note with both the SEC and FBI issuing credential stuffing attack warnings to financial services firms in the fall of 2020.

    During this webinar, we will talk about a proactive approach that digital bank operators can take to provide the best - and safest - experience for their account holders. Join us live on June 3 to:

    Learn how to spot automated account fraud
    Understand techniques to stop account fraud
    Hear how a top regional bank faced this challenge head on, and managed rapid digital growth while fending off an increase in attacks
  • 5 Key Cybersecurity Insights to Gauge your Security Posture Recorded: May 27 2021 52 mins
    Steve Piper, Founder and CEO at CyberEdge; Kim DeCarlis, CMO at PerimeterX
    PerimeterX is proud to announce Analyst Hour, a new interactive series of talks to help you get the latest cybersecurity insights from top researchers and analysts.
    To kick off the first episode we invited the founder and CEO of CyberEdge Group Steve Piper.
    With the April 21 release of the Cyberthreat Defense Report 2021, Steve and PerimeterX CMO, Kim DeCarlis, will have plenty to talk about, including the findings from the report and industry trends.

    Join our live session on May 27 to hear about the key insights from this year’s report, including:
    - The weakest links and main concerns in IT Security
    - Which technology was named the #1 priority on the list of technologies planned for acquisition this year
    - The security gaps in retail and financial services segments
    - How new IT security investments are being reprioritized
  • Tech Talk Episode 1: 5 Steps to Secure your Web Apps with SFCC Recorded: May 18 2021 26 mins
    Jim Krueger, Salesforce Commerce Cloud Performance Engineer; Johnny Tordgeman, PerimeterX Senior Solutions Architect
    Your retail business relies on your e-commerce storefront as the primary way for consumers to interact with your brand. Developers are under pressure to address emerging threats, as increased website traffic has created a perfect environment for cybercriminals to launch highly sophisticated attacks against retail targets.

    In this Tech Talk, PerimeterX Senior Solutions Architect, Johnny Tordgeman and Salesforce Commerce Cloud Performance Engineer, Jim Krueger will discuss how to leverage the Salesforce Storefront Reference Architecture (SFRA) to get ahead of automated attacks by setting up a secure digital storefront on day one. Come join the discussion that will include:
    - Security tips and techniques for securing your digital storefront
    - Creating a basic bot protection cartridge
    - Integrating with external security services
    - Manipulating HTML response to blocked requests

    Register now to learn new skills and build your SFCC technical expertise.
  • How to Balance Digital Innovation and Automated Fraud Risk Recorded: Apr 8 2021 26 mins
    Reesha Dedhia, Principal, Industry Solutions; Ameet Naik, Director of Cyber Security Strategy
    Banks and financial institutions focus on driving digital innovation to increase growth and provide the best experience for their account holders. But with an increase in online business and web traffic comes an increase in risk. Learn how to stop automated fraud and reduce time spent on customer account lockouts.

    Recently, a top regional bank faced this challenge head on, and managed rapid digital growth while fending off an increase in bot-driven account takeover attacks. Customers were being locked out of their accounts and the bank’s help desk was being flooded with customer calls. Fixing this challenge was a top priority.

    Attend this webinar to:
    -Learn how to spot automated bot attacks
    -Understand techniques to stop account takeovers
    -Discover how to reduce the time spent on automated fraud
  • The Client-side Blind Side: Supply Chain Risks in Website Code Recorded: Mar 25 2021 42 mins
    Avishai Shafir, Director of Product Management and Ameet Naik, Director of Cybersecurity Strategy at PerimeterX
    Your software supply chain is the new attack surface. Web applications are especially vulnerable as your code shifts to the client side where your legacy security tools are blind. Join this webinar to learn how attackers are exploiting this client-side blind side to carry out digital skimming, formjacking and Magecart attacks.

    This webinar will cover:
    -Vulnerabilities introduced by third-party scripts in your web applications
    -Attack detection methods and challenges
    -Website risk analysis tools to help you identify and mitigate supply chain risks

    Register now to save your spot and get a link to the on-demand recording to watch at your leisure.
  • Five Strategies to Protect Your Digital Storefront Recorded: Mar 11 2021 57 mins
    Ameet Naik, Director of Cybersecurity Strategy; Rik Turner, Principal Analyst at Omdia
    The shift to online-only and omnichannel shopping has accelerated. As consumer traffic has grown so has cybercriminal activity with account takeover, payment abuse and inventory hoarding skyrocketing. Retailers need a new approach to protect their digital storefronts and customer experience.

    In this webinar you will learn about:
    -Threats that impact different stages of your customers’ digital journey
    -Effective strategies to help protect against these threats
    -How retailers like you have addressed these challenges
  • DevSecOps: The 2021 Cyber Threat Landscape Recorded: Feb 22 2021 60 mins
    Helen Beal - DevOps Institute | Gemma Allen - Barracuda | Ameet Naik - PerimeterX | Ben Zilberman - Radware
    “COVID-19 created an opportunity to drive innovation and build a DevSecOps culture that emphasizes speed and agility while integrating security seamlessly throughout the software lifecycle”, according to DevProJournal. With the impact of the pandemic felt across all job departments and industries, it’s time we take a closer look at what these opportunities are and how they are influencing the 2021 cyber threat landscape.

    Join us for episode 11 of Day-to-Day DevOps, where host Helen Beal and guests will share what DevSecOps and DevOps teams must know about DevSecOps in 2021. They’ll be discussing:

    - Tips to create more open and communicative DevSecOps teams across the SDLC
    - What threats teams need to be aware of to ensure that applications are protecting data, brands and customers
    - How to effectively plan and embrace discipline by incorporating SAST tools into development processes
    - Why teams must test like attackers, not defenders
    - And more


    Guests:
    - Gemma Allen - Consulting Solutions Architect at Barracuda
    - Ameet Naik - Director of Product Marketing at PerimeterX
    - Ben Zilberman - Director of Product Marketing at Radware
  • Protect Your Digital Storefront From Homepage to Checkout Recorded: Feb 18 2021 32 mins
    Avishai Shafir, Director of Cybersecurity Strategy; Reesha Dedhia, Ecommerce Evangelist.
    The digital storefront has become the de facto way for consumers to discover, shop and interact with your brand. With an increase in online business and traffic comes an increase in risk. It is important to be proactive about safeguarding your applications from a wider set of cyberattacks.

    Join us for a live webinar on February 18 at 10 AM PT to:

    •Learn from other retail e-commerce leaders about their top priorities
    •Understand the new set of risks to your business
    •Discover best practices for succeeding in the digital world.
  • Stop eGift Card and Loyalty Points Fraud Recorded: Jan 20 2021 48 mins
    Liel Strauch Director of Product Research and Pan Kamal Cybersecurity Evangelist PerimeterX
    The gift card market has skyrocketed and is valued at over $381B for 2020, growing at a rate of 6% annually. With the crackdown on CNP fraud, e-gift cards have become a more productive target for fraudsters. Brute force account takeover attacks have consistently targeted e-gift card pages for major brands throughout the year.

    Join PerimeterX and collaboration with Merchant Risk Council to explore:

    -Recent e-gift card attacks and trends
    -Brute force tactics hackers use to target e-gift cards and loyalty points
    -How to avoid damage to your brand reputation
Cyber Security Webinars: Discussing latest Trends & Threats
PerimeterX protects the modern web and mobile applications, and APIs from automated attacks. We protect against account abuse, carding, scraping, checkout abuse, marketing fraud, PII harvesting, skimming and watering hole attacks.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Holiday Readiness and the Shadow Code Risk
  • Live at: Sep 2 2020 1:15 am
  • Presented by: Ameet Naik, PerimeterX; Alexandra Brown, RH-ISAC
  • From:
Your email has been sent.
or close