Stop client-side data breaches
PerimeterX Code Defender is a client-side application security solution that continuously protects your website from digital skimming, formjacking and Magecart attacks, stopping data breaches and reducing your risk of non-compliance.
Read Case Study
We wanted to find the anomalies and changes in our client-side scripts. The Code Defender behavioral analysis solution greatly simplifies this process.
Code Defender gives you continuous visibility and control over first-, third- and Nth-party scripts running on your website and protects you against a wide range of attack techniques.
Code Defender automatically learns, inventories and baselines all script activity on your web pages, eliminating the need to manually inventory your website scripts and pre-configure policies.
Proactive research from the PerimeterX research team is used to continuously improve Code Defender detection and to provide actionable context on alerts.
Our 24/7/365 proactive security team is always available via multiple channels to help you investigate security incidents, provide actionable insights and function as an extension of your team.
Code Defender runs on the PerimeterX Platform, a set of cloud-native infrastructure and services that powers an award-winning suite of application protection solutions, enabling full visibility and control of your web and mobile applications and APIs. The Platform also powers PerimeterX Bot Defender and PerimeterX Page Defender which protect your website against security threats including malicious bots, unwanted browser extensions and ad injections.
The PerimeterX Sensor collects activity signals from the client-side browser including interactions with the DOM, network domains and local storage. This information is sent to the cloud-based Detector for analysis. The Sensor does not collect any personal data from the browser.
The cloud-based Detector analyzes the client-side activity signals using advanced machine learning models to build a baseline profile for every first-, third- and Nth-party script running on the web page. The Detector flags any changes in script behavior or execution of new scripts and automatically generates alerts.
The out-of-band Enforcer works with your web server or CDN to automatically manage and enforce CSP rules. Updated with continuous intelligence from the Detector, the Enforcer ensures that the CSP prevents scripts from being loaded from unknown domains, and blocks malicious network communication on the client-side browser.