Cross-Site Scripting (XSS)

Learn how to defend your site against cross-site scripting (XSS) attacks.

Read

April 16, 2021 - Ensighten

How Can You Defend Against Cross-Site Scripting (XSS) Attacks?

XSS is based on client-side code injection: attackers insert malicious scripts into a legitimate application, which then piggybacks onto the altered script within the user’s web browser. These...

Read

February 21, 2020 - Ensighten

The Strengths and Limitations of a Content Security Policy (CSP)

Not that long ago, Magecart threats were only on the risk radar of ecommerce InfoSec teams but highly publicized attacks against businesses such as Macy’s, Ticketmaster, Forbes, MyPillow, AmeriSleep...

Read

December 18, 2019 - Ensighten

Protecting Against Web Application Attacks

2019 has been the year of the web application attack. In the 18 months between January 2018 and June 2019, researchers have recorded more than four billion web application attacks. Cybercriminals use...