JavaScript Integrity Monitoring

What is JavaScript Integrity Monitoring?

By collecting and analysing the 'fingerprint' of JavaScript files loaded on your site, we can uniquely identify those files and monitor any changes to them over time.

Using our database of almost 13,000,000 verified fingerprints, we can reliably identify whether a file is what it claims to be.

By combining all of this valuable data with enrichment from our Threat Intelligence product, you can avoid costly JavaScript mistakes...

The Commissioner has decided to impose a penalty under Article 83(5) GDPR. The amount of the penalty that the Commissioner has decided to impose is £1,250,000

- Information Commissioner’s Office (Ticketmaster MPN)

How do I get started?

You need two lines of code or config to get started, and you might not even need that, as many CDN providers allow you to configure our product right from their dashboard.

There is no risk of breaking your site and no performance detriment; we're simply gathering data from the browser that loads your page and analysing that data over time.

Ticketmaster confirmed that a Content Security Policy was not used prior to the Personal Data Breach.

- Information Commissioner’s Office (Ticketmaster MPN)

Cutting-Edge Technology

There is no code or agent to deploy because the technology we leverage is built right into all modern browsers. Whether your visitors are using Chrome, Safari or Firefox, all browsers support our features.

Here are just some examples of the benefits of tracking the Integrity Metadata for JavaScript loading on your site:

  • Reduces the supply chain risk of compromised JavaScript that has cost organisations millions.
  • Simplifies compliance with various standards like PCI DSS or OWASP ASVS.
  • Improves incident response capabilities by allowing immediate identification of an issue.
  • Strengthens brand reputation by demonstrating a commitment to proactive security controls.
  • Provides powerful auditing capabilities to track file changes over time.
  • Verifies file identity using our vast fingerprint database.
  • Identifies whether you're using JavaScript code with known vulnerabilities.

the attacker was then able to edit a file on British Airways' website ... This resulted in the final penalty of £20,000,000

- White and Case

How we can help

Getting started with our CSP Integrity product requires, at most, two lines of code or config. You can be up and running in a matter of minutes and start collecting valuable data about the code running on your site that your visitors are exposed to.

If you'd like help getting started, or want to see a demo of the product in action, please reach out to integrity@report-uri.com and one of our team will be happy to help.

Script Watch

Script Watch will monitor all JavaScript dependencies across your entire site and immediately notify you of any changes. A new JavaScript dependency could be the start of a Magecart attack.

Because Script Watch leverages the browser-native Content Security Policy, there is no code or agent to deploy, and running in the browser means we analyse your site in real time as your users are browsing. We don't have the limitations that external scanning services face, such as authentication or paywalls, geo-sensitive content, or an attacker potentially serving safe content to the crawler.

Data Watch

Data Watch will monitor all of the locations that your webpages are sending data to. If your website starts sending data to a new location, it could be the start of a Magecart attack.

With Script Watch and Data Watch combined, you can monitor for clear indicators that your site has been compromised. Attackers will always want to inject their hostile JavaScript, and they'll always want to exfiltrate their stolen data.
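
An added example, not Report URI's code and not taken from this page: one way to turn Content Security Policy violation reports into the two signals described above, a new script source and a new data destination. It assumes a Content-Security-Policy-Report-Only header with script-src and connect-src allow-lists that posts legacy "csp-report" JSON to your own endpoint; the baseline origins, helper names and sample reports are all constructed.

```python
import json
from urllib.parse import urlsplit

# Origins already reviewed and accepted for this site (constructed values).
BASELINE = {"script-src": {"https://shop.example", "https://cdn.example"},
            "connect-src": {"https://shop.example"}}

def sample_report(directive, blocked, page="https://shop.example/checkout"):
    return json.dumps({"csp-report": {"document-uri": page, "disposition": "report",
                                      "effective-directive": directive, "blocked-uri": blocked}})

# Constructed reports in the "csp-report" JSON shape browsers POST; not real traffic.
SAMPLE_REPORTS = [
    sample_report("script-src-elem", "https://cdn.example/lib.v2.js"),
    sample_report("script-src-elem", "https://widgets.example/loader.js"),
    sample_report("connect-src", "https://collect.widgets.example/c"),
    sample_report("script-src-elem", "https://widgets.example/loader.js", "https://shop.example/basket"),
    sample_report("img-src", "https://images.example/banner.png"),
    "not json at all",
]

def origin_of(blocked_uri):
    """Reduce a blocked-uri to scheme://host[:port]; keywords such as 'inline' pass through."""
    parts = urlsplit(blocked_uri)
    return f"{parts.scheme}://{parts.netloc}".lower() if parts.scheme and parts.netloc else blocked_uri

def classify(raw):
    """Return a finding for a report naming an origin outside the baseline, else None."""
    try:
        report = json.loads(raw)["csp-report"]
        # Older browsers send only violated-directive, which may carry the whole directive.
        directive = (report.get("effective-directive")
                     or report.get("violated-directive", "")).split()[0]
        origin = origin_of(report.get("blocked-uri", ""))
    except (ValueError, KeyError, TypeError, AttributeError, IndexError):
        return None  # malformed or unexpected report body
    # Fold script-src-elem / script-src-attr into script-src.
    directive = "script-src" if directive.startswith("script-src") else directive
    if directive not in BASELINE or origin in BASELINE[directive]:
        return None  # directive not monitored here, or origin already accepted
    kind = "new-script-source" if directive == "script-src" else "new-data-destination"
    return {"kind": kind, "origin": origin, "page": report.get("document-uri", "")}

def findings(raw_reports):
    """Classify every report and keep the first finding per (kind, origin)."""
    out = {}
    for raw in raw_reports:
        if (f := classify(raw)):
            out.setdefault((f["kind"], f["origin"]), f)
    return list(out.values())
```

Calling findings(SAMPLE_REPORTS) yields one new script source and one new data destination; the repeated report, the unmonitored img-src report and the malformed body are dropped.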


Content Security Policy

Script Watch and Data Watch allow you to rapidly detect and respond to a Magecart attack, and combined, that capability puts you ahead of the field. If you want to take it a step further, Content Security Policy can mitigate a Magecart attack and stop it from even happening.

Deploying an effective Content Security Policy can be difficult, but our CSP Reporting allows you to gather feedback and safely test a policy before deployment. Once deployed, an effective Content Security Policy will block a Magecart attack and stop the hostile JavaScript from even running.


Threat Intelligence

We subscribe to various feeds of Threat Intelligence data, along with managing our own internally generated feeds, to stay apprised of the latest threats that exist online.

Using this Threat Intelligence data, we can better analyse the sources of JavaScript on your website and detect malicious activity sooner.