Defending Against JavaScript Keylogger Attacks on Payment Card Information

Focused View

John Elliott

1:02:53

65 View

1 - Course Overview

1. Course Overview.mp4

02:12

2 - The Evolution of the Crime

1. Course Introduction.mp4

01:17

2. Process History and Models Overview.mp4

06:27

3. Current States_ Direct Post and JS Form from PSP.mp4

07:23

4. The SAQ A-EP and NIST CSF Overview.mp4

05:16

5. Code Analysis and Attack Techniques.mp4

02:57

3 - PROTECT_ Employing JavaScript Security Techniques

1. The Protect Phase.mp4

02:45

2. Javascript Supply Chain Paradox.mp4

02:11

3. Checking the CSP.mp4

02:10

4 - PROTECT_ Preventing Webserver Compromise

1. SRI and CSP Review.mp4

01:28

2. Tools and Platforms Overview.mp4

02:41

3. Foregenix for Magento.mp4

01:22

4. Content Management Logins.mp4

03:55

5 - Detect - Detecting Compromised JavaScript

1. Attack Detection Techniques.mp4

04:21

2. Attackers Adaptation Techniques.mp4

02:14

3. JScrambler as a Defence.mp4

02:55

6 - Response and Recovery

1. Response_ Responsibilities and Obligations and GDPR.mp4

04:26

2. Recovery Process.mp4

05:12

3. Course Summary.mp4

01:41

Description

In this course, you’ll learn how about the most common attack now used to steal payment card data and the possible defences.

What You'll Learn?

In this course, Defending Against JavaScript Keylogger Attacks on Payment Card Information, John Elliott and Troy Hunt discuss the most common attack used to steal payment card data and how to defend against it. Learn how security people think about a problem, why criminals attack, how their tools and techniques work, and how you have to adapt as defenders. By the end of this course, you’ll have a better understanding of the NIST model, how thinking about detection is equally important, and response/recovery.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

JavaScript

Information Security

John Elliott

Instructor's Courses

John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI Security Standards Council, and contributed to many of the PCI standards including PCI DSS v4. He has LLM in Information Rights Law, holds the expected information security certificates (CISSP, CISA , CRISC, CDPSE) and is a Fellow of the British Computer Society - the Chartered Institute for IT.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.