In this At The Edge podcast, Rahim Jina, Edgescan COO, joins Sean Martin at Edgescan's Dublin office to share how the research project - "Project edgeguard" - started. Rahim also shares the goals behind offering the project to the open source community and how the resulting tool (built upon the open framework) can be used to help companies detect when their data is leaving their organization through a compromised website.
More About “Project edgeguard”
If compromised by malicious content planted in your browser via hacking or client-side malware attacks, sensitive user data could be stolen and transmitted to third party hackers or cybercriminals. This is very similar to many banking Trojans.
As one example, malicious content can be placed within a user’s browser whilst using your web application by virtue of a client-side security weakness/vulnerability or through certain types of browser malware where Man-in-the-Browser attacks could succeed.
edgeguard is a “Zero-footprint” open framework and library that aims to detect exfiltration of sensitive user data from the browser.
Eoin Keary, Edgescan's CEO, and Rahim Jina, Edgescan's COO, presented the edgeguard tool to an audience attending the 2018 AppSec California application security conference in Santa Monica. More about their presentation can be found on the AppSec Cali website: https://appseccalifornia2018.sched.com/event/CuS8/edgeguard-client-side-dom-security-detecting-malice-an-open-framework