We watched closely as customers navigated the Code Defender dashboard to gain visibility into their website code and track incidents. Then, after taking feedback from customers and the PerimeterX Customer Success team, we made several enhancements to the product -- and the dashboard in particular. Customers trusted our analysis of the suspicious scripts and why Code Defender marked them as threats, but they needed a detailed report to show the data to the third-party vendors that supplied the scripts. We also wanted to avoid the black-box approach taken by most security vendors and provide information regarding the script's actions and the logic we used for classification. The new analyzer dashboard was the answer and has instantly become one of the main features of Code Defender. The analyzer dashboard shows all the details for any incident and provides all the information needed to quickly mitigate attacks.
Here is a screenshot from the analyzer dashboard zooming into a high-risk incident from our demo setup. The details for the offending json-polyfill.js script show that it is impacting four percent of the website users and communicating with a known Magecart domain. All of the script's actions - interaction with the DOM, network activity and storage triggers - are captured and visualized on an intuitive timeline chart. The granular details paired with the exact action that leads to the incident classification enable customers to get speedy resolution for security issues from their third-party vendors.
This is just the beginning. Code Defender is a SaaS solution leveraging an advanced behavior-based machine learning platform that powers multiple products. There are more features already in the works to help customers get the best client-side protection against digital skimming attacks like Magecart.