Code Defender

Websites use scripts for a number of actions, from login to checkout. Many groups inside a company deploy scripts to enable business without understanding their impact to risk.

Code Defender provides real-time visibility into all scripts, all downstream dependencies, and every action taken in real users’ browsers. Deployed as a single line of code on your website, Code Defender will automatically discover and monitor all scripts, simplifying management.

Modern website scripts load dynamically at run-time in users’ browsers and frequently change without notice. As a result, point-in-time vulnerability scans alone are not sufficient to analyze scripts for malicious or vulnerable code.

Code Defender provides rich insights into and analysis of JavaScript activity on your real consumers’ browsers. It flags and risk-scores any new or changed script behavior, and automatically generates alerts. Out-of-the-box integrations enable sending alerts to your favorite security and collaboration tools.

Though providing significant business value, third-party client side scripts and libraries can put you at risk of a user data breach.

Code Defender allows security teams to authorize important scripts, but disable their unnecessary, anomalous, or potentially malicious elements. With client side mitigation (CSM), security teams have real-time granular control over client-side JavaScript, so they can enable the business without sacrificing access control risks.

Client-side scripts can provide a means to silently leak your users’ PII, including credit card data. Suspicious scripts are typically completely out of your control, and simply removing them may break key functionality on your website.

The Code Defender dashboard offers an at-a-glance overview and actionable recommendations to stop compliance violations and generate compliance reports for audits by Internal Security Assessors (ISA) or PCI’s Qualified Security Assessor (QSA).