Monitor additions and modifications to scripts on your website and the sites that host them.
The Scripts section provides information about all of the scripts that were found on your targets, as well as where they are hosted.
- Keep track of additions or changes to scripts on your website. If you don't recognize a script or a change that was made, you should verify that it is legitimate.
- Verify that 3rd party sites hosting scripts are safe. Find out if sites that host your scripts have previously been flagged for serving malware, phishing, or adult content.
Every script tag that is discovered during the crawling process is cataloged.
Risk is assigned by verifying that the script is loaded over HTTPS and the host does not serve malware, phishing, or adult content.
- High (● Red): The host serving the script has been flagged for malware or phishing content.
- Medium (● Yellow): A script is being loaded over a plaintext HTTP connection.
- Low (● Green): No significant risks are associated with the script.
We recommend fixing both High and Medium risk issues.
Scripts can be monitored for changes by toggling their monitor status on the List page. This is useful for keeping an eye on scripts that are involved in sensitive areas of an application such as shopping carts and checkout flows. If a change is detected it will trigger a
website-script-monitor-changeevent so you can be immediately notified.
Learn more about events at: