About
Source Defense is a mission critical element of web security designed to protect data at the point of input. The Source Defense Platform provides a simple and effective solution for data security and data privacy compliance – addressing threats and risks originating from the increased use of JavaScript, third-party vendors, and open-source code in your web properties. The Platform provides options for securing your own code, as well as addressing a ubiquitous gap in the management of third-party digital supply chain risk – controlling the actions of the third-party, fourth and nth party JavaScript that powers your site experience.
The Source Defense Platform protects against all forms of client-side security incidents – keylogging, formjacking, digital skimming, Magecart, etc. – by extending web security beyond the server to the client-side (the browser).
|
About
Keeping track of 3rd party scripts, taking away obscurity. You'll know what gets delivered to your user's browser 100% of the time, and we'll make the scripts up to 30% faster. 3rd party scripts have unlimited reign in the browser of your users. When it goes wrong, it goes really wrong. Negative press, potential lawsuits, and damage claims following a security incident. PCI DSS 4.0 (specifically 6.4.3 and 11.6.1) mandates entities handling card data to implement tamper-detection mechanisms by March 31st, 2025. This aims to mitigate attacks by alerting on unauthorized changes to HTTP headers and payment content. c/side is the only fully autonomous detection tool for assessing 3rd party scripts. We do not rely purely on threat feed intel or easy-to-circumvent detections. Using historical context and AI to review the payload and behavior of scripts. c/side is crawling many sites to get ahead of new attacks. All scripts get processed by us and we improve our detection methods.
|
|||||
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
Platforms Supported
Windows
Mac
Linux
Cloud
On-Premises
iPhone
iPad
Android
Chromebook
|
|||||
Audience
Compliance, Security, Cyber Security, Risk, Security Operations, Senior Management, QSAs, ISAs, PCI DSS
|
Audience
Security & front-end engineers who need real-time monitoring, forensic history, and PCI-ready reporting for every third-party script in production.
|
|||||
Support
Phone Support
24/7 Live Support
Online
|
Support
Phone Support
24/7 Live Support
Online
|
|||||
API
Offers API
|
API
Offers API
|
|||||
Screenshots and Videos |
Screenshots and Videos |
|||||
Pricing
No information available.
Free Version
Free Trial
|
Pricing
$99 per month
Free Version
Free Trial
|
|||||
Reviews/
|
Reviews/
|
|||||
Training
Documentation
Webinars
Live Online
In Person
|
Training
Documentation
Webinars
Live Online
In Person
|
|||||
Company InformationSource Defense
Founded: 2014
United States, Israel
sourcedefense.com
|
Company Informationc/side
United States
cside.dev/
|
|||||
Alternatives |
Alternatives |
|||||
|
|
||||||
|
|
||||||
|
|
||||||
Categories |
CategoriesThe detection engine uses an open-source LLM that runs entirely inside a self-hosted environment The c/side AI engine detected that the modified script exhibited keylogger behavior and was flagged as malicious. Customers can then review the script and, if necessary, block the corresponding hash values. c/side is a cutting-edge client-side security solution designed to protect digital organizations from the growing threat of browser-based attacks. Unlike traditional security tools that rely solely on threat feed intelligence, c/side employs a fully autonomous detection system that uses historical context and AI to analyze the behavior and payload of third-party scripts. This proactive approach allows c/side to identify and block potential threats before they can reach your users, ensuring robust protection against zero-day vulnerabilities and supply chain attacks. With its unique proxy solution, c/side offers unparalleled defense for client-side applications, making it an essential tool for any organization looking to safeguard their web presence. 100 % session coverage, DOM-level diffing, conditional threat detection (geo/time/user cohort). c/side sits in the path of every third-party request, fetches the actual JavaScript, and inspects it in real time. So malicious code is blocked before the browser can execute a single line. VikingCloud’s independent assessment confirms that, when properly configured, both the (hybrid) proxy and crawler modes fulfil these requirements by continuously hashing, analysing, and, if necessary, blocking scripts in real-time. The c/side platform offers a dedicated PCI DSS dashboard that explicitly covers insights into 6.4.3 and 11.6.1 requirements. Proxy and crawler only store the requester’s IP address for incident scoping; that data is never brokered or used for advertising. All proxy and crawler data remains in c/side-managed clusters hosted in AWS. Stop Magecart, formjacking, token hijacking, cryptojacking, and more! By integrating proxy-based architecture, a proxy sits between the third, fourth, and nth party script and the user's browser, allowing it to see the code fetched by the user's browser. The c/side proxy delivers continuous, full–spectrum visibility and control over all third party scripts executed in the user’s browser 100 % of the time without sampling. By providing real-time payload inspection, automated blocking, full historical payload storage, and auditor-ready reports that map directly to the testing procedures in PCI DSS 4.0.1. VikingCloud noted that the c/side platform intercepted and blocked the third-party script actively to prevent data leakage. |
|||||
PCI Compliance Features
Access Control
Compliance Reporting
Exceptions Management
File Integrity Monitoring
Intrusion Detection System
Log Management
Patch Management
PCI Assessment
Policy Management
Data Privacy Management Features
Access Control
CCPA Compliance
Consent Management
Data Mapping
GDPR Compliance
Incident Management
PIA / DPIA
Policy Management
Risk Management
Sensitive Data Identification
Data Security Features
Alerts / Notifications
Antivirus/Malware Detection
At-Risk Analysis
Audits
Data Center Security
Data Classification
Data Discovery
Data Loss Prevention
Data Masking
Data-Centric Security
Database Security
Encryption
Identity / Access Management
Logging / Reporting
Mobile Data Security
Monitor Abnormalities
Policy Management
Secure Data Transport
Sensitive Data Compliance
|
GDPR Compliance Features
Access Control
Consent Management
Data Mapping
Incident Management
PIA / DPIA
Policy Management
Risk Management
Sensitive Data Identification
PCI Compliance Features
Access Control
Compliance Reporting
Exceptions Management
File Integrity Monitoring
Intrusion Detection System
Log Management
Patch Management
PCI Assessment
Policy Management
Compliance Features
Archiving & Retention
Artificial Intelligence (AI)
Audit Management
Compliance Tracking
Controls Testing
Environmental Compliance
FDA Compliance
HIPAA Compliance
Incident Management
ISO Compliance
OSHA Compliance
Risk Management
Sarbanes-Oxley Compliance
Surveys & Feedback
Version Control
Workflow / Process Automation
|
|||||
Integrations
Magento
Next.js
Shopify
WooCommerce
|
||||||
