My CDN Was Compromised!
In this lesson, we'll look at some measures you can take to ensure your users' protection in the case of a CDN compromise.
We'll cover the following...
Introduction
Often times, web applications serve some of their content through a content delivery network (CDN), typically in the form of static assets like JavaScript or CSS files, while the main document is rendered by a webserver. This gives developers limited control over the static assets themselves, as they’re usually uploaded to a third-party CDN (e.g., CloudFront, Google Cloud CDN, Akamai).
Now, suppose an attacker gained access to your login credentials on the CDN provider’s portal and uploaded a modified version of your static assets, injecting malicious code. How could you prevent such a risk for your users?