JavaScript Is Everywhere [Infographic]


Uploaded by: catarina-cardoso

Posted on 10-Jan-2017

Category: Technology

TRANSCRIPT

Page 1: JavaScript Is Everywhere [Infographic]

Sources:
https://heimdalsecurity.com/blog/top-financial-malware/
http://www.techweekeurope.co.uk/e-regulation/ibm-bank-transfer-scam-165952#kobpOsE0Wx8tITzc.99
https://www.statista.com/topics/1145/internet-usage-worldwide/
https://techcrunch.com/2015/03/31/google-says-5-of-web-browsers-have-ad-injectors-installed/
https://www.whatech.com/mobile/blog/28074-a-worldwide-tendency-on-mobile-platforms-and-application-developers
http://www.clock.co.uk/blog/javascript-frameworks-in-2016
https://legalmatterblog.com/2015/02/09/mobile-apprehension-the-growing-problem-of-counterfeit-and-pirated-mobile-applications/
https://w3techs.com/technologies/details/cp-javascript/all/all
https://stackoverflow.com/research/developer-survey-2016#most-popular-technologies-per-occupation

Make Your Web Application Protect Itself

IN SUMMARY, DON'T FORGET TO PROTECT YOUR APPLICATION ON THE CLIENT-SIDE TOO

TOP SECURITY RECOMMENDATIONS

#1 Use Content Security Policy (CSP) to white list the resources that you allow your application to use

#2 Perform Integrity Checks on the external resources you load from your application with Subresource Integrity

#3 Set up Client-Side Runtime Application Security Protection (RASP)

#4 Force your Application to only use HTTPS by using HTTP Strict Transport Security (HSTS)

#5 Use SAST and DAST to Discover Vulnerabilities in your Code: Static Analysis Security Testing and Dynamic Analysis Security Testing are ideal to make sure that both your server and your client-side code have no vulnerabilities

#6 Employ Client-Side Code Injection Detection and Removal Technology

#7 Apply strong SSL Encryption in your Web Application

#8 Make your client-side Code Polymorphic to avoid Tampering Threats

#9 Use Certificate Pinning in your Mobile Application

JAVASCRIPT IS EVERYWHERE

On August 2016 the percentage of JavaScript reached:
93.6% ON ALL WEBSITES
55% IN MOBILE APPS

MOST POPULAR LANGUAGE AT... #1 Hackathons (the infographic shows two further #1 rankings whose category icons are not recoverable from the transcript)

THOUSANDS OF FRAMEWORKS & LIBRARIES

IT'S BEING USED BY THOUSANDS OF COMPANIES

...SO THERE'S MORE AND MORE STUFF BEING DONE ON THE WEB AND ON THE CLIENT-SIDE

BUT THERE ARE RISKS...

E-COMMERCE APPS: MILLIONS OF $ LOST IN ONLINE SALES EVERY YEAR
Threats: TAMPERING, INFORMATION LEAKAGE, MALWARE INJECTION, SERIAL KEY PIRACY & LICENSE VIOLATIONS, MAN-IN-THE-BROWSER ATTACKS, COUNTERFEIT APPLICATIONS, CODE THEFT

MALWARE ATTACKS
Ad exploit attacks inject unauthorized ads and products, affiliate hijacking and spyware, severely damaging the customer journey.
+5% of all Google users infected by Ad Malware
ONE SINGLE DRIDEX MALWARE ATTACK EARNED AT LEAST $50 MILLION and spread across 30 COUNTRIES
'DYRE WOLF' BANK TRANSFER SCAM NETS CRIMINALS more than $1 BILLION to date
ZEUS/ZBOT spread on more than 70,000 ACCOUNTS of banks and businesses including NASA and BANK OF AMERICA.

COUNTERFEIT APPLICATIONS AT: 1M pirated apps are distributed, worth an estimated $700,000