Sally Beauty

Protecting Customer Data From Magecart and Digital Skimming Attacks

Download Case Study


Sally Beauty is the U.S. and Canadian brand of Sally Beauty Holdings, Inc., a global distributor and specialty retailer offering professional beauty products to both retail consumers and salon professionals with 5000+ stores worldwide. is the e-commerce business for the Sally Beauty brand.


Sally Beauty conducts a significant portion of its business online on its website and processes tens of thousands of credit cards each day. It strives to maintain a safe user experience for its customers and to ensure data privacy while conducting online payment transactions. To achieve this, it was manually monitoring all third-party scripts on its website to track script behavior, detect vulnerabilities and achieve compliance. This required a dedicated person on their infosec team to ensure the integrity of their payment pages and processes.

Magecart attacks were top of mind for Sally Beauty’s executive management, given the high profile attacks on several other online brands that led to customers’ credit card numbers being stolen from their websites. It wanted to ensure skimming attacks do not happen on and that its customers’ personal data remained protected. At the same time, the security team could not hamper the pace of revenue-generating innovation by imposing restrictions on the use of third-party scripts and libraries.

Sally Beauty was also feeling the impact of stolen credit card numbers in the form of fraudulent carding attacks that led to a spike in their payment gateway fees. To mitigate this threat, it had deployed the PerimeterX Bot Defender solution via a Salesforce Commerce Cloud (SFCC) cartridge.

Learn more about Digital Skimming

We were looking for a solution that could provide us visibility into the client-side scripts. Code Defender was easy to deploy leveraging the same sensor and Salesforce Commerce Cloud cartridge as Bot Defender.

Lee TarverSenior Manager of Information Security Architecture and Engineering

SFCC - Storefront Reference Architecture Certified
PerimeterX products directly integrate into your Salesforce Commerce Cloud store using certified Cartridges, your digital storefront is protected from login to check out, stopping unwanted bot traffic and client-side attacks.


Sally Beauty evaluated multiple alternatives to improve upon the manual process of auditing all first- and third-party scripts on its website. While the team could perform static audits and monitor the server side, they did not have the same visibility into the client side scripts. Sally Beauty uses SFCC and wanted a solution that could integrate easily in the form of an SFCC cartridge. They already had a WAF solution to protect the server side, and had not deployed any content security policies (CSPs) due to the complexity of managing CSPs.

Sally Beauty enabled PerimeterX Code Defender without any configuration changes to its websites or infrastructure. Code Defender uses the same JavaScript Sensor as Bot Defender. This was a major advantage to Sally Beauty and minimized the operational cost of deploying a new technology solution.

Code Defender also uses the same PerimeterX Portal as Bot Defender which was already familiar to its security operations teams. Following a short tuning process, Sally Beauty was able to gain visibility into the client side of its web applications using the easy to use Portal. The security team discovered behavioral anomalies and changes to the website scripts with minimal manual effort. They were able to work with their e-commerce teams to analyze anomalous script activities and mitigate risks to their business without hampering innovation.

Code Defender


Using Code Defender, Sally Beauty was able to save considerable time and resources spent on monitoring JavaScript vulnerabilities on its website, and also gained new runtime visibility into the client side. They were able to reduce the time spent on discovering the points of exposure from a magnitude of what normally would take more than a half a day to a matter of minutes, allowing them to optimize their operational resources. Sally Beauty also gained considerable value from the threat intelligence behind Code Defender that keeps them protected against evolving threats.

By protecting their customer data against digital skimming and Magecart threats, Sally Beauty was able to increase customer confidence, protect its brand reputation and remain compliant with data privacy regulations.

Learn more about Code Defender

We wanted to find the anomalies and changes in our client-side scripts. The Code Defender behavioral analysis solution greatly simplifies this process. Combined with the threat intelligence on the back end, it helps us identify the known risks to our website, and enables us to work with our partners in e-commerce to mitigate those risks.

Lee TarverSenior Manager of Information Security Architecture and Engineering

Secure Your Digital Business with PerimeterX

  • Accurate Threat Identification Icon
  • Accurate Threat Identification

  • Using machine learning and behavior-based analytics, PerimeterX solutions detect and block automated bot attacks and client-side threats with unparalleled accuracy.

  • Fully Compatible Integration Icon
  • Fully Compatible Integration

  • The PerimeterX Platform is cloud-native and can be deployed anywhere. It is compatible with your existing cloud services and content delivery network infrastructure.

  • Frictionless Customer Experience Icon
  • Frictionless Customer Experience

  • With solutions from PerimeterX, your digital headquarters is constantly monitored and your pricing and inventory data remains uncompromised and available to real customers.

© PerimeterX, Inc. All rights reserved.