Marty Zigman

Conversations with Marty Zigman

Certified Administrator • ERP • SuiteCloud

Holding all three official certifications, Marty is regarded as the top NetSuite expert and leads a team of senior professionals at Prolecto Resources, Inc. He is a former Deloitte & Touche CPA and has held CTO roles. For over 30 years, Marty has produced leadership in ERP, CRM, and eCommerce business systems. Contact Marty to set up a conversation.

2 thoughts on “Understand NetSuite Clickjacking SuiteLet Considerations”

  1. Tim Pilgrim says:

    Thank you for writing this up into something much more than the 1 pager I gave you.
    I had never thought to use a proxy for it but that certainly makes it an easier fix than converting the script.

    I do feel it is important for the NetSuite developer community to know the limitations of what security NetSuite provides and what we need to provide in addition. Your blog means that a large part of the community is now aware.

    Also, there are more security headers than the 3 that were used in our situation. These can be added to help protect your Suitelet depending upon the exact details of each deployment.

    I also wanted to acknowledge Shiraz Ali Khan, the ethical hacker who informed us of the potential problem rather than exploiting it.

    Thanks again for the acknowledgement and the great article.

  2. Marty Zigman says:

    Tim, thank you for the extra thinking and acknowledgments.

    Marty
