This resource is no longer available
Magecart PCI Advisory on CSP

As many as 5000 websites are successfully attacked each month leveraging a nearly universal client-side website security flaw that is targeted by the Magecart group.
On August 1st, the Payment Card Industry Security Standard Council issued a set of recommendations and guidance to address the growing threat.
They suggested using Content Security Policies (CSP) to restrict compliant browsers from executing JavaScript from source which have not been explicitly whitelisted.
In this blog, learn more about CSP including:
- What it is an how it can help
- Frequently asked questions
- Challenges associated with deploying CSP
- And more