Prevalent and Source Defense’s joint solution offers deeper visibility on the true array of code and vendor relationships powering websites, with automated policy enforcement and remediation features to defeat malicious activity and prove regulatory compliance.
As client-side threats such as Magecart and formjacking attacks continue to victimize websites across industries, effective threat mitigation needs to go beyond traditional web application firewalls (WAF) and bot-fighting solutions.
However, most organizations are challenged to deploy these piecemeal defenses effectively because they have an incomplete view of applications and code on their own critical web properties – including the third-party vendors delivering them – leaving doors open to data theft and disruption.
To improve visibility into these risks Source Defense identifies and analyzes the areas targeted by client-side threats and open-source risks.
Source Defense is then able to determine what scripts are doing on the webpage, report what actions the scripts take and provide recommendations for remediation all in real-time.
Prevalent then provides the third-party risk report as a component of the vendor profile, delivering a closed-loop view of the risks that third-party code can introduce to your mission-critical web assets.
“It’s no surprise that companies are vulnerable to many different types of online threats, however client-side and open source risks are overlooked and result in major fine and regulatory repercussions in addition to brand damage to that organization,” said Josh Jones, VP of Sales and Alliances at Source Defense.
“Together, Source Defense and Prevalent provide a closed-loop view of the risks that third-party code can introduce to mission-critical web assets, and enable the customer to be in charge with how they want to protect themselves.”
“By partnering with Source Defense, Prevalent helps to extend the visibility of client-side web vulnerabilities and attacks to an organizations’ third parties and beyond,” said Brett Whiteman, VP Alliances at Prevalent.
“With this extended risk intelligence, companies can assess the at-risk vendors for details as to their mitigation and remediation plans to reduce the risk before an attack occurs.”
Upon learning that a specific customer has client-side vulnerabilities, Source Defense is able to determine what scripts are doing on the webpage, report what actions the scripts take including if they access sensitive fields, capture keystrokes and provide recommendations for remediation all in real-time.