WAFs are designed to analyze HTTP requests coming into your server, but client-side attacks happen after your legitimate content has already been delivered to the user's browser. A malicious script would execute within the browser environment, collecting sensitive data and sending it to attacker-controlled servers. A WAF would not have visibility into that payload by design. Since this activity happens on the client-side after your webserver responds, your WAF never sees the malicious behavior or data theft occurring.
Yes, because client-side security monitors an entirely different dimension of the application stack.
cside only adds 8-20 milliseconds to specific dynamic JavaScript files we proxy, with static scripts cached for faster loading.
cside is much simpler because we're only handling JavaScript files, not your entire web infrastructure.
Your website will continue working as intended with our fail-open design and 99.99% uptime SLA.