Media Center - Feroot

Feroot Media Center

About Feroot

Feroot Security believes that customers should be able to do business securely with any company online, without risk or compromise. Our mission is to secure client-side web applications so that organizations can deliver a flawless digital user experience to their customers. Visit

Corporate Mission

Feroot Security believes that businesses and their customers should be able to experience a safe and secure online user experience. Whether it’s leveraging the purchasing power of an e-commerce website, accessing internet-based healthcare services, or transferring money between financial accounts, Feroot Security’s sole mission is to secure client-side web applications so that businesses and their customers can engage safely in online environments.

Businesses come to Feroot to enable automated and advanced client-side security programs. Our data protection capabilities significantly minimize time- and labor-intensive code reviews and threat analysis, and remove the ambiguity associated with client-side security detection, response, and prevention.

Our products help organizations uncover supply chain risks and protect their client-side attack surface.

Company Values

Customer Centricity

Feroot Security’s values come down to one simple statement: Secure and protect businesses and consumers from online, client-side threats. Everything we do, we do for our customers and their customers. Every decision we make is to improve protection and security for online web application users.

Teamwork & Collaboration

We hire colleagues who are dedicated, humble, persistent, and smart. Together we are smarter, stronger, and better. We believe in respecting each other’s strengths and understanding and supporting each other’s weaknesses. We help each other learn, succeed, and grow.


Feroot Security believes that security begins with honesty and integrity in everything we do.

Respect for People

We respect and admire our people, encourage their diverse talents, and value their leadership and dedicated performance.

Win the Race & Enjoy the Ride

We win and have fun together. A positive and engaging work environment drives growth (business and personal), innovation, creativity, and market leadership.

Feroot Security Fact Sheet

What does Feroot Security do?

Feroot secures the front end—or client side—of web applications from Magecart, e-skimming, cross-site scripting (XSS) and other types of client-side attacks due to problems with JavaScript, third-party or open-source libraries, or flaws or vulnerabilities in the web application code design. Our products—Inspector, PageGuard, and DomainGuard help organizations uncover supply chain risks and protect their client-side attack surface.

When was Feroot Security founded?

Feroot Security was founded in 2017. Increased investor funding has facilitated Feroot growth over the last few years, first with $2.5 million in seed funding in 2021 and another $8.5 million in February 2022.

Where are Feroot Security’s headquarters located?

Feroot Security is headquartered in Toronto, Ontario, Canada. In addition, Feroot Security employs staff in the United States, Brazil, and South Africa.

Why is client-side security so important?

Client-side security is important today because of the increase in attacks against individuals using the web to access services that require the sharing of sensitive and personally identifiable information (PII). These types of services include e-commerce, healthcare, finance/banking, and hospitality.

The primary cause for these types of attacks relates to vulnerable programming in web applications, 98% of which involve the use of JavaScript. In addition, up to 80% of websites pull their JavaScript from open-source and third-party libraries, also known to contain vulnerable, flawed, or malicious code. JavaScript, code libraries, and the general lack of front-end web application security has created unprecedented opportunities for exploitation.

To fully mitigate the risk for breaches or attacks, companies must simultaneously protect both their server and the client side of their business. This includes everything that customers see, such as text, images, and the rest of the UI, along with anything customers interact with, such as what the website or web application does within the user’s browser.

Press Releases

Press Release
Feroot Security Appoints Mark Gillard, EVP of Sales & Customer Success to build and drive the company’s sales and customer...
Press Release
Seed Funding Round Led by Silicon Valley Venture Capital Firm True Ventures Toronto, ON – Feb 28, 2022 – Feroot...
Press Release
Toronto, ON – June 28, 2022 – Feroot Security, a leading provider of client-side cybersecurity solutions, today...
Press Release
Client-side security innovator now provides unmatched ability to generate, manage and monitor Content Security Policy violations...


The banking industry was dubbed the “most breached sector” by Forbes in 2019. At the time, it accounted for...
When the COVID-19 pandemic pushed many businesses into the digital space, many appeared to be unprepared for the threats...
Businesses know they need to secure their client-side scripts. Content security policies (CSPs) are a great way to do that....
Payment data, particularly on the client-side, is extremely vulnerable. PCI DSS 4.0 hopes to bring more protections, but...
Full Color Logo (Dark)

Please use the Full Color Dark Logo in all instances where a white or light background is present

Full Color Logo

Please use the Full Color Dark Logo in all instances where a white background is present

Reverse Color Logo (Dark)

Please use the Reverse Color Dark Logo in all instances where a mid-dark background is present

Reverse Color Logo

Please use the Reverse Color Dark Logo in all instances where a dark background is present

Customer Testimonials

Chief Security & Compliance Officer, Quickbase
Michael Lemire

The beauty of Feroot Inspector is that it covers a clear and present attack vector. Over 5% of attacks come via supply chain and third-party scripts, and most security teams are blind to these with their current security tools. This particular attack vector is becoming more and more prominent. We’re seeing more real-world client-side attacks coming. So, from a security perspective, it’s in the news and it’s real. From the privacy perspective, everyone is aware how important it is to align with privacy best practices and regulations.

We’re on a mission to be the trusted low-code vendor in the industry. Our number one priority is to establish trust with our customers and ensure the security of our entire digital ecosystem. Feroot Security Inspector has provided us with an automated technology to uncover our client-side attack surface and protect it in real-time.”

Chief Security Officer, Gusto
Frederick “Flee” Lee

A day doesn’t go by that you don’t hear about a new JavaScript-based attack on a company’s website or web application. We’re seeing attackers pivoting from traditional server-side attacks to client-side attacks. To protect our business from server-side threats, we needed to enhance our client-side security capabilities to stay ahead of the threat.

Now that we have Inspector integrated into our security operations, we are happier with our front-end security posture. We are even more confident that we are able to find issues in our web applications quickly and fix them. We believe we have a solid solution in place to keep our eyes on our front end.”

Business Media Company
Director, Network & Security

A while back, a third-party had been responsible for our digital magazine property. Alas, the third-party hadn’t set up the proper client-side security controls, and we inadvertently became victims of a Magecart attack. We needed to take control of our client-side security and bring it in house. We needed to understand everything about our client-side digital properties to keep our business and our customers safe from harm.

During the Feroot Inspector demo we saw a lot of information that we didn’t know about, and didn’t have the technology to uncover. Feroot showed us all the first- and third-party scripts that were running on our web pages, code that was obfuscated, vulnerabilities in our code, ongoing data fingerprinting, and more. It blew us away.”

Referencing Customers

Before referencing any of these customers, a formal request to reference the customer must be made to Mark Gillard, EVP Sales & Customer Success. Current publicly attributable customers:


AT&T Cybersecurity




Herjavec Group