Case Study: Sally Beauty Protects Against Magecart Attacks with HUMAN Client-side Defense

Sally Beauty Protects Against Magecart and Digital Skimming Attacks

Sally Beauty, the U.S. and Canadian beauty retailer, needed better visibility into the client-side scripts powering its ecommerce site to protect against digital skimming and Magecart attacks. With tens of thousands of credit card transactions processed daily, the company wanted to reduce the manual, time-consuming effort of auditing first- and third-party JavaScript and improve compliance and online payment security. HUMAN’s Client-side Defense was chosen to address these risks.

HUMAN implemented Client-side Defense for Sally Beauty using a lightweight JavaScript sensor and Salesforce Commerce Cloud cartridge, without requiring website or infrastructure changes. The solution automated script monitoring and zero-trust protections, gave the security team real-time runtime visibility through the customer portal, and helped detect anomalous script behavior faster. Sally Beauty reduced review time from more than half a day to minutes, saving significant time and resources while strengthening protection against skimming attacks.

Sally Beauty

Lee Tarver

Sr. Manager, Security Architecture and Engineering