log4shell vulnerabilities

New webinar: Understand and defeat website supply-chain attacks

Print Friendly, PDF & Email

Supply-chain cyberthreats have been on the security industry’s radar for several years now, and previous blog posts (here, here, and here, for example) have both explained how such attacks work and warned that they are becoming more common and more sophisticated.

The reason these attacks are so hard to combat is that they use compromised third-party scripts and libraries that are commonly built into website functionality by developers in order to increase productivity, efficiency, and reliability. Instead of residing in the website’s code, the client browser that loads the site then calls the third-party element, e.g. from GitHub, and executes them in the browser itself. (This is why such attacks are also known as “client-side” attacks.)

In principle, a highly disciplined and properly executed configuration of Content Security Policy and Sub-Resource Integrity mechanisms can provide reasonably good protection. However, this is very complex, difficult, and time-consuming — and attackers have developed sophisticated ways of avoiding detection.

New capabilities help fight back

Website supply-chain attacks have been responsible for some spectacular data breaches targeting high-profile companies such as British Airways and Forbes. But any website that executes compromised third-party resources in the browser can become a widespread vector of attack.

The good news is that Barracuda has developed advanced capabilities that are built into Barracuda WAF-as-a-Service, and that are highly effective at preventing website supply-chain threats getting into production on your web servers.

To gain a thorough understanding of the state of website supply-chain attacks today, along with the advanced strategies now available to defeat them, attend a new webinar taking place on August 23.

At the webinar, Barracuda VP of Product Management for Application Security Nitzan Miron and Senior Product Marketing Manager Tushar Richabadas will go through a detailed analysis of several recent website supply-chain attacks. They’ll also explain and demonstrate how WAF-as-a-Service leverages new capabilities to automate and simplify the process of protecting your websites against these attacks.

Genuine AppSec simplicity

Application and website security has a reputation for being a complex, time-consuming chore that is difficult to get right at the best of times. Barracuda is changing that. WAF-as-a-Service is well known for having made it remarkably simple, and the new anti-supply-chain-threat capabilities mark a milestone on that path.

If you want to understand website-supply-chain threats better, and you could benefit from a full-featured application-security solution that is easy to use and helps you combat all the latest attack modes, be sure to attend this information-packed webinar.

Free webinar

Website Supply-Chain Threats: Advanced Strategies to Defeat Them

Tuesday, August 23, 2022

11 a.m. – 12 p.m. PT

Save your spot today

Scroll to top