Website Security (MarSec™) Platform | Ensighten | CHEQ

Website Security (MarSec™)

Client-side detection and prevention of unauthorized data leakage and theft through your website supply chain

For many organizations their website and mobile applications are the cornerstone of their business, and from here web applications have evolved to enable greater functionality by leveraging client-side capabilities. As such, security evolution must follow.

Payment card and web skimming exploits are regularly hitting the headlines, highlighting a clear need for organizations to review the security risks within their website supply chain.

A compromise of a website supply chain vendor through an injection of malicious JavaScript can be detrimental to an organization both operationally and financially, as well as harming your reputation.

Magecart is a notorious global cybercrime group specifically targeting third-party vendors to inject malicious JavaScript onto a page or into a payment form to steal customer data. They were behind over 300,000 attacks in 2018 alone.

Data breach vulnerabilities

As cybercrime methods continue to develop, it is important to be aware of how your website can be compromised. Our Website Security (MarSec™) platform enables monitoring and protection against the following data theft attacks and techniques:

JAVASCRIPT INJECTION
MAGECART
THIRD-PARTY VENDOR EXPLOITATION
CSS INJECTION
CLIENT-SIDE KEYLOGGING
FORMJACKING
WEB SKIMMING
TAG PIGGYBACKING
MAN-IN-THE-BROWSER

Monitor and protect against data leakage

Our cybersecurity platform MarSec™ can monitor, identify and protect against data leakage and cybercrime groups such as Magecart, offering the following functionality to protect against attacks:

Real-time website monitoring

Monitor all network requests coming into or out of your website to detect potential malicious threats

Automated website privacy audit and alerts

Detect risks to your organization's privacy rules; website scanning will check for unapproved technologies that might have access to your customer data

Masking of sensitive data

Determine unique data patterns to prevent being exposed within the URL and avoid sensitive data from being passed to unauthorized third-party technologies

Allow and block third-party vendors

Define permissions of the appropriate third-party technologies you want to allow to receive data or block vendors from receiving specific types of data

Privacy gateways

Block unknown and unwanted website trackers, technologies and tags to prevent them from firing on site and collecting data

Blocking of unauthorized network calls

Block Magecart style attacks, CSS hacks and man-in-the-browser to protect end users and stop data breaches

Protect your website from Magecart and data leakage

If you are collecting sensitive customer data but do not have specific website security controls in place, your business is vulnerable to data leakage. With increasingly tight regulations surrounding customer data security systems, digital security should be a priority for every organization. Get in contact to learn more about how Ensighten can protect your website from a data breach