Feroot

Toronto, ON, Canada
2017
Aug 4, 2022   |  By Feroot
A few weeks ago we wrote about the “creepy, problematic, and potentially illegal” problems associated with web tracker security—in particular, the security risks of Facebook’s Meta Pixel, its ability to collect and use sensitive healthcare data, and the risks of hospital privacy lawsuits.
Jul 12, 2022   |  By Kevin Wesley-Lynch
When it comes to client-side security, creating and deploying a content security policy (CSP) can serve as a solid starting point. To deploy a content security policy, you must first identify assets, including first- and third-party resources that will be loaded in the browser when a user visits your website. For those who haven’t heard of a content security policy (CSP), you probably know that it’s easier said than done. Let’s talk about what those steps are to deploy a CSP.
Jun 30, 2022   |  By Feroot
When it comes to security and healthcare, most patients expect, at the very least, doctor-patient confidentiality. If web trackers are embedded within the JavaScript on a healthcare website you expect full security. I mean, you shouldn’t have to worry about someone working at Facebook knowing your personal healthcare information, like the details of a doctor’s appointment, right?
Jun 23, 2022   |  By Mary M.
I am a credit card skimming attack victim. It happened about eight weeks ago, and to this day, we’re still dealing with the repercussions. This is a true story. (Although I did substitute a few facts to protect the innocent.) And yes, while I work for Feroot, and this is appearing in our blog, I think it is important that cybersecurity professionals hear first hand from a card skimming attack victim—someone who is like every other customer that their business supports.
Jun 14, 2022   |  By Feroot
Generating a generic content security policy is easy. Manually managing those policies to ensure they operate effectively and provide the right level of security is an entirely different issue. For businesses willing to make the shift, an automated content security policy can significantly ease the policy management burden.
Jun 9, 2022   |  By Feroot
When client-side security breaches happen, web application developers may find themselves at the receiving end of the blame game (somewhat unfairly). The demands of an accelerated development cycle combined with pressures related to JavaScript web applications security, means developers may feel caught in the proverbial “damned if you do and damned if you don’t” loop.
May 31, 2022   |  By Feroot
PCI DSS 4.0 couldn’t have come at a more opportune time, particularly as the global pandemic forces more individuals into online purchasing—from shopping and entertainment to healthcare and hospitality. With PCI 4.0 compliance mandated by 2025, it is critical to understand now what it will mean for client-side security, so businesses can begin the implementation process.
May 24, 2022   |  By Feroot Security Team
Web application visibility is all about the insight and control application security professionals have into the software operating on the front end or client side. Sitting down to write about why web application visibility is important to JavaScript security, I was reminded of a folk song about coding that was popular back in the 1980s. (Yes, you read that right. A popular folk song about coding. Fans of Stan Rogers or listeners of the cult-favorite, syndicated radio show known as Dr.
May 18, 2022   |  By Feroot Security Team
JavaScript supply chain attacks are a bit like rolling thunder. The boom starts in one location and then reverberates along a path, startling folks, shaking windows, and—if there is a significant enough storm to accompany the thunder—leaving varying degrees of devastation in its wake.
May 12, 2022   |  By Feroot Security Team
Increasing website attacks make JavaScript security a priority for any business. Here are 10 JavaScript security best practices for business to help protect from e-skimming or other types of client-side attacks and to ensure improved web application client-side security.
Jun 28, 2022   |  By Feroot
Client-side security is important today because of the increase in attacks against individuals using the web to access services that require the sharing of sensitive and personally identifiable information (PII). Feroot enables proactive client-side security programs to protect the customer journey. Our products are designed to significantly diminish a threat actor’s ability to breach customer data or damage websites via client-side attacks. We help cybersecurity and application security professionals guard the customer experience.
Jun 21, 2022   |  By Feroot
Empower your business with client-side security. Arm your application developers, security professionals, and privacy professionals with reliable client-side security technologies to develop secure JavaScript applications, stop client-side cyberattacks, and ensure compliance with global privacy regulations. Learn more about Feroot Security and what we can do to help you secure your client-side attack surface!
Oct 14, 2021   |  By Feroot
See Feroot Security Inspector in action. Learn how you can deploy client-side JavaScript security monitoring to detect Magecart, e-skimming, formjacking, JavaScript vulnerabilities, and other threats to your customer-facing web applications.
Mar 31, 2022   |  By Feroot
Learn how to protect your client-side web applications and the customer data you collect via your websites. Gain a deep understanding of how to stop skimming breaches by closing gaps in your web application firewalls, content security policies, penetration testing, security testing, and vulnerability scanning coverage. Explore the basics of client-side security and learn how businesses can protect themselves and their customers with automated tools, monitoring, and controls to stop threats, all while safeguarding customer data.
Mar 31, 2022   |  By Feroot
In a world in which commerce, business, and information are driven almost exclusively by the internet, protecting both consumers and data is critical.
Mar 1, 2022   |  By Feroot
Learn how client-side web security programs use Feroot Security to align with cybersecurity frameworks.
Mar 1, 2022   |  By Feroot
Learn everything you need to know about client-side security to protect JavaScript web applications and customer data. Discover how to secure your business so that it may succeed in today's digital economy.
Mar 1, 2022   |  By Feroot
Learn how to protect your JavaScript web applications and customer data from cyberthreats. Discover how to secure your webpages and web applications so that your business can thrive. The guide highlights the fundamental risks associated with using JavaScript in an unprotected client-side environment and what web application developers and security professionals can do to better protect their websites and website users.

Secure your JavaScript web applications and webpages with automated security scanning, monitoring, and controls to stop cyber threats and protect customer data.

Arm your application developers, security professionals, and privacy professionals with reliable client-side security technologies to develop secure JavaScript applications, stop client-side cyberattacks, and ensure compliance with global privacy regulations.

Empower your business with client-side security:

  • Know your client-side attack surface: Create an inventory of client-side elements and gain a deep understanding of how scripts and applications behave and the data they can access.
  • Uncover suspicious behavior: Discover and control client-side web assets. Monitor web application behavior to determine if baseline scripts or applications show runtime or access abnormalities.
  • Act on privacy & compliance reports: Gain deep transparency of your client-side asset inventory, tracking, and remediation status’. Track PCI DSS, NIST, CIS Top 20, OWASP Top 10, and MITRE ATT&CK program maturity.

Client-Side Security Made Easy.