Feroot Launches Fully Automated CSP Management Solution Called DomainGuard to Expand Client-Side Security Platform
Client-side security innovator now provides unmatched ability to generate, manage and monitor Content Security Policy violations
Feroot Security, a leading provider of client-side cybersecurity solutions, announced the launch of DomainGuard, a fully automated content security policy solution and the latest offering within its award-winning client-side supply chain security platform.
DomainGuard provides web developers tailor-made Content Security Policy (CSP) management, greatly reducing risks associated with ever-growing client-side attacks that stem from missed CSP violations and the use of chainloaded scripts that are often blindly trusted. Through simple CSP creation, management and monitoring, the impractical manual task of evaluating up to thousands of scripts on numerous pages, and doing so continuously, is eliminated.
Marketing Technology News: Docusign Bolsters Leadership Team in Push Toward Enabling the Anywhere Economy
“Through the launch of DomainGuard, we’re building upon our client-side attack surface management platform to address the impracticality of manually managing a CSP, let alone remediating and preventing violations and attacks,” said Ivan Tsarynny, Feroot co-founder and CEO. “With DomainGuard, CSP violations are handled in moments instead of months. Feroot provides this unparalleled peace of mind for the organization and their users when they’re completing something that may seem as innocent as a registration request, check out experience, or payment process. Feroot is committed to remaining the top innovator in client-side security—a highly needed protection that only becomes more and more important as the dependence of online usage exponentially grows. That’s what positions us as a business enabler.”
Marketing Technology News: MarTech Interview with Chris Knowlton, Chief Evangelist at Panopto
The Immense Power of Automation in Client-Side Security
Designed for organizations that wish to control their client-side attack surface by deploying and managing CSP on their web applications, DomainGuard quickly identifies all first- and third-party scripts, digital assets and the data they can access. It then generates appropriate CSP on crawled data and anticipated effectiveness while also allowing customers to fine tune CSP at the domain level for easy management, version control and reporting.
DomainGuard beta testers around the world reported they previously found themselves adhering to the all-too-common misconception that all it takes to deploy a proper CSP on a web application or website is to write a CSP and simply configure a web server to return the CSP HTTP header. But beta testers also reported they didn’t know if that approach really provided the needed security or if it armed them with sufficient or too much coverage.
A simple example of the potential lack of visibility would be to ask what happens if someone adds a new widget to the website. Organizations typically won’t know if its CSP would work or even if an audit would identify a related issue. DomainGuard addresses this significant vulnerability based on customer specific web application crawls and data collection.