How PageGuard Works

PageGuard deploys security permissions and policies to JavaScript-based web applications to continuously protect them from malicious client-side activities, malware, and third-party scripts.

Discover Real-Time Security Signals on Your Web Application’s Client-Side

PageGuard is a small but powerful library that our customers embed in their websites and web applications. Once embedded, PageGuard performs active permission control in your chosen JavaScript browser environment.

PageGuard overwrites certain main and core JavaScript code to protect your web application from client-side cyber threats. It runs continuously in the background to automatically detect unauthorized scripts and anomalous code behavior. After detection, PageGuard blocks all unauthorized and unwanted behavior in real-time.

Feroot-PageGuard-Collecting Real time Information

PageGuard is able to block a variety
of JavaScript functions and features:

Unauthorized Scripts

Inline scripts
Tags
Scripts dynamically added into your code
Scripts indirectly loaded thorough attributes and Evan()-like functions

Unauthorized Frames

Through frame and iframe tag
Through object tag
Through embed tag
Nested frame blocking

Input Read Access

Standard input value access
Non-standard input value access

PageGuard is able to monitor a variety
of JavaScript functions and security events:

XHR / Network monitoring

Monitor network AJAX
XML HTTP requests
Image loads
Network requests

Storage monitoring

Detect script activity (read and write)
Cookie storage
Session storage
Local storage

DOM security events monitoring

DOM leve
Script level
Resource level

PageGuard is not only good at protecting your web applications from client-side attacks, it is also great at collecting client-side cyber threat intelligence for you to utilize to protect your network. PageGuard telemetry includes:

Date and time when a script is being loaded in the browser.
If a script is being sideloaded or chainloaded.
Where the script is being loaded from.
% of affected users who have loaded the particular script.
% of affected pages (I.e # of pages that the script is loaded).

Want to see
PageGuard in action?

Register for a demo

Client-Side Security
Enables You to:

Stop Data
Exfiltration For Good

Thrive with an automatically protected client-side attack surface.

Fully Disable
Client-side Threats

Uncover abnormal web application behaviors and threats and fully disable e-skimming, cross-site scripting, formjacking, and other client-side attacks.

Maintain
Compliance Indefinitely

Stay ahead of current and future data privacy regulations.

Gain Peace of Mind With Automated Client-side Security

Rest easy that your web applications and your client-side data are always protected with JavaScript security permissions.

Integrate JavaScript Security Policies With Your Existing Technologies and Processes

Integrations

PageGuard allows customers to ingest client-side telemetry and cyber threat intelligence (CTI) into their security products for intelligence aggregation and collection. Customers enhance their externally sourced and server-side collected CTI with client-side collected and aggregated CTI from PageGuard. Current integrations include: