Thank You

What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls

by Source Defense On a recent Source Defense roundtable, seasoned QSAs gathered to discuss the latest PCI DSS 4.0.1 updates—specifically requirements 6.4.3 and 11.6.1—and how

Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration

by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare

New Magecart Variant Targets UK Retailer in Stealthy Double-Entry Attack

Source Defense Research Blog | April 23, 2025 A Familiar Threat Resurfaces in the UK Our Source Defense Research team has uncovered an active Magecart-style

CSP FY: A Magecart Attack That Dodges Policy—and Makes a Joke While Doing It

by Source Defense When attackers are clever enough to name their cookie “csp_f_y,” you know they’re not just exfiltrating data—they’re mocking your defenses. In a

Here's Your Copy of "Out of Compliance and Out of Sight."

People who downloaded this whitepaper were also interested in these blog posts

What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls

Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration

New Magecart Variant Targets UK Retailer in Stealthy Double-Entry Attack

CSP FY: A Magecart Attack That Dodges Policy—and Makes a Joke While Doing It