April 7, 2020
Sideloading And Chain-loading of Code
Platform Or Cloud-Hosted Skimming
Most organizations struggle to maintain a single source of truth for their client-side code. Step one is knowing what exists. Let’s look into why most organizations struggle to discover and classify front-end assets. What more do we need to know?
Complexity in front-end security leads to mistakes.
Mistakes, eventually, lead to breaches.
What does client-side chaos look like?
Figure: The front-end complexity of web applications at an organization with ~1,000 employees (panels: "ingested by forms", "scripts per page").
The Client-side (Front End) Problem Is Twofold:
1. Front-end code, aka ‘the digital user experience’, can actively ingest customer/user information at data input points, including login and financial transaction forms and any other web forms where organizations process sensitive user data.