New Breed of Magecart: GTMs Working Together, JavaScript Hidden in CSS
by Source Defense The Source Defense Research team has uncovered another active eSkimming campaign which demonstrates the use of novel techniques, and an increasing adversarial
Thank You
Your request has been submitted.
You will receive an analysis of the 3rd party partners on your site via email shortly.
The report analyzes the behaviors these 3rd parties take in every end-user session.
We conduct this analysis to flag any potential security or data privacy concerns to organizations like yours.
For more understanding of our mission, and the issues we seek to address, feel free to browse the information below.
Understanding the Risk Introduced by Your Website Supply Chain
What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls
by Source Defense On a recent Source Defense roundtable, seasoned QSAs gathered to discuss the latest PCI DSS 4.0.1 updates—specifically requirements 6.4.3 and 11.6.1—and how
Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration
by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare
New Magecart Variant Targets UK Retailer in Stealthy Double-Entry Attack
Source Defense Research Blog | April 23, 2025 A Familiar Threat Resurfaces in the UK Our Source Defense Research team has uncovered an active Magecart-style
Whitepapers Digging Deeper into the Issue
The Rise and Risk of Third-Party Scripts in Modern Website
To shed light on the risks introduced through this critical digital supply chain, we scanned the top 4,300 websites by traffic worldwide and analyzed the data to provide answers to important questions.
A 90-Day Action Plan for 6.4.3 and 11.6.1
Read what VikingCloud has to say about the Source Defense approach to eSkimming Security. As the pioneer in the field, Source Defense supports more than 1,000 of the world’s leading brands with a unique, prevention first, set-it and forget-it solution.
A VikingCloud Technical Solution Review for the Payment Card Industry (PCI)
Read what VikingCloud has to say about the Source Defense approach to eSkimming Security. As the pioneer in the field, Source Defense supports more than 1,000 of the world’s leading brands with a unique, prevention first, set-it and forget-it solution.
CoalFire – A Holistic Approach to Protecting Credit Card Payment Flows
Guidance from CoalFire on the eSkimming Security requirements found in PCI DSS 4.0
The most talked about and concerning new requirements in PCI DSS 4.0 fall under sections 6.4.3 and 11.6.1. For the first time, merchants are required to implement security controls to prevent eSkimming attacks.
