What do the 3ve ad fraud campaign, the Magecart credit card skimming attacks and the Facebook-Cambridge Analytica scandal have in common? They were all made possible through the use of unmanaged third-party code, according to Chris Olson, CEO of the Media Trust, speaking the SC Media at RSA 2019.

There was a time when websites and mobile apps relied primarily on their own source code, but the advent of third-party services has flipped that equation, explained Olson. Now third-party code often far exceeds proprietary code, and that leaves website and app developers vulnerable because they have little control or visibility over code that’s not their own.