Introducing Page Integrity Manager
On May 26, Akamai launched our Page Integrity Manager, extending our solutions for securing and delivering digital experiences. During beta, we monitored more than one trillion real-user interactions to understand script composition and behavior. Above all, one thing stood out: Scripts loaded in real users’ browsers constitute a huge and continuously evolving attack surface, posing significant challenges to static approaches to these threats.
At its core, Akamai’s Page Integrity Manager is designed to protect websites against JavaScript threats, including Magecart, as well as other web skimming and formjacking attacks. This is done by detecting suspicious and malicious script behavior in real time, enabling application and security teams to make informed choices, and react quickly. Throughout the beta process, we demonstrated this is a highly accurate, efficient, and effective way to deal with JavaScript threats without constraining business partner choice or slowing release velocity.
During a recent week, Akamai’s Page Integrity Manager analyzed more than 7 billion JavaScript executions across 195 million page views. The detection cloud identified 16,498,385 discrete real-user events with suspicious or malicious script behavior, which were consolidated into 64 unique attack incidents. Each incident generated a notification with a detailed explanation of what had been observed and the attack mitigation options that could be enacted, all within seconds.
In addition to detecting attacks, Page Integrity Manager also seeks to prevent attacks by analyzing JavaScript resources, loaded by real users, for known vulnerabilities. During the same recent week, 272,627 JavaScript resources were executed by real users, containing 1,290 known vulnerabilities. This came as a surprise to many application and security teams, as virtually all have some form of vulnerability scanning in their pipelines.
Modern web front ends are complex, highly dynamic, personalized, and targeted. The conditional nature of the user experience means there are a myriad of not just experiences, but also resources, presented to real users. Compounding these challenges, we observed more than 75% of the scripts loaded by real users came from third-party sources.
Third-party scripts are essential to today’s user experiences and digital business operations. They are widely distributed and therefore are highly targeted by criminals seeking maximum reach.
The risk associated with third-party resources has been known for some time. Common defenses rely upon web application and security teams statically defining who to trust — an allowlist of JavaScript sources. These approaches are notoriously challenging to keep current, and require coordination between application, marketing, and security organizations, and therefore have been infrequently used. Over the past few years, criminals have started targeting third-party script providers in order to leverage their inherent trust as a means to bypass these security defenses and hide in plain sight. This is a particularly difficult problem: knowing when a previously trusted party should no longer be trusted.
The answer is something that can run in real time, examining behavior and determining trust with every real-user interaction. A solution is needed that delivers notifications instantly upon detection of an issue, with actionable details explaining the source and destination of the threat, the number of users impacted, and recommendations on how to rapidly mitigate such incidents.
That’s what we introduced — a solution that offers robust visibility into compromised scripts and client-side threats, and the actionable information needed to make informed decisions about the detected risks.
To learn more, head to akamai.com/pageintegrity.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Steve Ragan. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/HeEWNR7lF6U/introducing-page-integrity-manager.html