The script analyzer feature of Code Defender is now generally available. This feature provides a detailed view of all script activities on a user’s website. Every document object model (DOM) interaction, network and storage action of all scripts is readily available in the dashboard. The analyzer dashboard also shows which activities started or stopped during the past week in the “activities over time” widget. This widget provides a great way to observe and compare trendlines, as well as view all incidents triggered by a specific script.
In addition, the analyzer provides a script interaction chart that shows the full supply chain of the script, including the entire script loading sequence related scripts, number of scripts loading a particular script, and the script sources. For Magecart attacks the details are necessary to triage the issues quickly and accurately. To analyze any script users can log into the Code Defender cloud portal and right-click on any script ID in the dashboard.
Feature Enhancements in the October 2019 Release:
Investigating past incidents: Time range support is now available on the dashboard to enable investigating past incidents or analyzing scripts that are no longer active on the site. Time range allows reviewing data for the last 24 hours, 7 days, 14 days or 30 days.
Incident Widget: Clear incident description, last seen status and enhanced recommendations are now available on the Incident Widget.
Additional Dashboard Enhancements: Vendor details and script ID now have a direct link to the source, enabling direct browsing from the dashboard.
First-party iFrame Monitoring: Monitoring capability for detecting activity within iFrames provides full visibility into first-party scripts.
Cryptojacking Detection: Detection capability has been enhanced to identify several variations of crypto mining and cryptojacking activity.
Spoofed Domains: New detectors identify scripts that are both mimicking known vendors and known host domains.
Link Change: Identifying new target URLs set on HTML elements is now possible since Code Defender now tracks link changes.
You can learn more about these features by watching this Code Defender demo video.