NEW HAVEN, Conn. and ROSH-HA’AYIN, Israel, Sept. 20, 2022 (GLOBE NEWSWIRE) — Source Defense, the pioneer and leader in client-side protection and privacy compliance for web applications, today announced the release of Source Defense 3.0. The release adds an external monitoring, detection and alerting (Source Defense Detect) offering to the Source Defense Platform, making the company the only one in the market to offer both detection and protection-based (Source Defense Protect) solutions for client-side attacks data breaches. With the release, Source Defense adds advanced capabilities for business, security, and risk/compliance stakeholders to manage their website supply chains. In addition, it provides organizations around the world with the most comprehensive capabilities available to comply with client-side security policies included in the latest version of the Payment Card Industry Data Security Standard (PCI DSS 4.0).
The company is addressing a major issue related to third-party supply chain risk that has resulted in a significant adverse impact on thousands of businesses over the past decade. One of the biggest and least quantified business vulnerabilities lies in the use of client-side JavaScript on websites. Client-side code delivered in real-time by third parties (as well as fourth and nth Party) supply chain partner, helps improve and improve the user experience of the website, increase engagement and drive analytical insights. Typical web properties rely on dozens of these supply chain partners, and this supply chain consists entirely of unmanaged and unprotected shadow code.
In the “best case” scenario, this shadow code leads to potential data breaches from unauthorized collection and sharing of data by these partners. At worst, it acts as a soft belly for opponents on any major website. This fertile and highly profitable threat and attack surface has resulted in hundreds of high-profile incidents and more than 400 client-side attacks (e.g., credential harvesting, formjacking, and magecart attacks) per month over the past two years, making headlines with major brands such as Macy’s, Ticketmaster, British Airways, Segway and many others.
Source Defense 3.0 introduces tiered packages to deliver solutions tailored to each customer’s unique needs and budget. The Source Defense Platform now includes:
- Source Defense Detect – an all-new solution that leverages external scanning, AI-driven algorithm detection, and advanced alerts to notify organizations of threat activity and privacy violations without unnecessary noise and without the need to edit site code for deployment touch, must be labeled
- Source Defense Protect – the same hands-on, AI-powered protection offering that already protects more than $20 billion in annual online revenue and thwarts nearly 10 billion compliance policy violations per year, with virtually zero resources to monitor
- A completely redesigned management platform that provides rich data for multiple stakeholders in all business, security and compliance roles – including high-level, role-based information and reports, with the ability to gain deeper insights
- A PCI DSS compliance management dashboard that supports authorization of scripts and justification for those executed on payment pages
“Source Defense is already recognized by the world’s largest companies and the cybersecurity industry as an innovator and pioneer in addressing the risk of website data leakage and data theft,” said Dan Dinnar, chief executive officer at Source Defense. “The addition of these new features makes the Source Defense Platform the most well-rounded of any offering in the space. We now offer a variety of solutions for businesses of all sizes to manage the security and compliance risks they face from their websites, in a simple, easy-to-manage and extremely cost-effective way.”
Recognizing this emerging problem, the company has established a dominant market position and continues to grow rapidly as an industry leader. A fanatical focus on customer satisfaction has resulted in multi-year engagements and loyalty with many of the world’s largest website owners. Earlier this year, Source Defense closed a significant Class B funding round to fuel its growth, and the company is enjoying a significant surge of interest related to its unique ability to accommodate new PCI DSS 4.0 regulations.
“Our flagship offering remains Source Defense Protect,” said Hadar Blutrich, Chief Technical Officer at Source Defense. “Our customers love the ease of deployment, virtually non-existent management overhead, and automatic avoidance of security and compliance risks. However, we recognized a need in the market for a detection-based solution that better meets the needs of organizations on a tight budget or those with a robust security operations infrastructure where detection and alerting are part of normal operations. We are proud to add Source Defense Detect to our offering – which includes all the strengths that our customers are currently enjoying. We are even prouder that we now have an evolutionary path for organizations to continually improve their website security.”
As part of this release, the Company is announcing a program to provide client-side security and compliance visibility to organizations entering website code freeze periods. As part of the program, Source Defense will provide external monitoring, detection and alerting with customized terms and conditions that will not impose barriers to adoption. The solution can be activated almost instantly and provides these organizations with significant risk mitigation as they enter a period of heightened adversarial activity.
“Too many companies are blind to the threat of data leakage and data theft posed by their 3rd generationapprox party website supply chain,” said Jason Moore, vice president of world-wide sales at Source Defense. “We are committed to giving them the visibility they need to mitigate this essential risk. Many organizations, especially those involved in e-commerce, are about to enter a website code freeze period. This period typically lasts the entire shopping season from October to January – the same period that attracts attacks. We combine the announcement of our 3.0 product launch with a program designed to provide immediate insight into website security and privacy compliance risks, and we’re ready to help.”
About source defense
Source Defense is a security and privacy compliance platform for any website that collects sensitive data or is transaction-oriented. It fills a pervasive gap in managing risk in the third-party digital supply chain with a model that extends security beyond the network to the client-side. As the market leader in client-side web application protection, Source Defense provides real-time threat detection, protection, and prevention of JavaScript-based vulnerabilities. The patented Source Defense Platform offers the most comprehensive and complete solution to combat threats and risks arising from the increasing use of JavaScript, third-party and open source code in websites today. The Source Defense solution is used by leading Fortune 500 companies in the financial services, retail, e-commerce and healthcare markets. With headquarters in Israel, offices in the US, and a strong community of valuable global partnerships, Source Defense is the most innovative, reliable, and trusted partner in the fight against client-side attacks.
Stephen Ward
[email protected]
+1-703-994-9349
