Shulou(Shulou.com)06/01 Report--

The rise of third-party scripts

Modern Web applications increasingly rely on executing JavaScript code from external services and vendors in browsers, often referred to as third-party scripts. As an example shown below, Akamai executes a number of scripts to build our home page. Nearly 70% of these scripts come from external sources.

Partial request map of www.Akamai.com

Like almost all other Internet-based enterprises, we use third-party scripts because they enhance the Web experience, are easy to add and modify, promote a consistent Web experience, and are pre-integrated and maintained by third parties. In fact, today's websites use an average of 56% of third-party scripts (68% of Akamai's third-party resources).

Security Challen

Magecart- 's credit organization using new and more complex methods has become a typical example of third-party scripting.

Because third-party scripts come from many trusted and untrusted sources in the enterprise supply chain, Web-oriented applications have become increasingly large and difficult to defend. Websites that use credit cards are at constant risk-in fact, of the thousands of sites that have been Magecart in the past few years, 1/5 of the victims are usually reinfected within the last few months.

Unfortunately, most of today's application protection solutions try to adapt to existing technologies, using firewalls and policy controls to prevent third-party scripting threats. If applied strictly, this approach may limit the flexibility of open business practices and third-party scripting. However, if policies are used loosely, many malicious attacks may be missed.

The main way for security teams to keep script code clean is through constant script review and testing, which is really difficult.

Because security teams continue to face the constant, time-consuming and invisible challenge of detecting and mitigating third-party scripts, they are often unable to complete the task of checking third-party Javascript to inject malicious code into web pages, which is one of the most popular ways to browse credit cards and vouchers today. In 2019, an average of 4800 websites per month received code injection from third parties, an increase of 78 per cent over 2018.

Source: Symantec Internet Security threat report 2019

Akamai Page Integrity Manager

Page Integrity Manager is designed to discover and evaluate the risk of new JavaScript or modification of JavaScript, control third-party access to sensitive forms, and achieve automatic protection. The solution uses machine learning models, heuristics, signatures and risk scoring models to fully monitor the behavior of each JavaScript work load in the session through a series of detection layers. This advanced method identifies suspicious and malicious behavior, uses policy-based control methods for automatic protection, and uses Akamai threat intelligence cloud data to block bad actors to improve accuracy.

Ability

Behavior detection technology constantly analyzes the behavior of script execution in real user sessions to identify suspicious or thoroughly malicious behavior and notify the security team in a timely and effective manner.

Network monitoring and scripting intelligence: monitor network requests and know what real users are downloading and executing when interacting with your brand to detect potential malicious threats.

CVE detection: continuously checks whether all Web resources displayed on the Web application correspond to the open Common Vulnerabilities and Exposures database to identify existing known vulnerabilities in the runtime JavaScript code.

Edge injection is enabled quickly: Page Integrity Manager is injected at the CDN level and is easy to deploy and does not require code.

Policy management: you can choose custom policies to control the execution rights of the runtime JavaScript, which monitor and / or restrict access to Cookie, network targets, local storage, sensitive data entry, or DOM events for each original domain.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.