Malicious requests, SQL injections, and exploitation of application vulnerabilities are examples of server-side attacks. This is where WAFs excel. Client-side attacks, on the other hand, exploit legitimate third-party scripts that your WAF has already approved and delivered to browsers. The attack happens when these scripts execute in your users' browsers and steal data like credit card numbers or login credentials. Your WAF sees the legitimate script delivery, but is blind to what that script does once it's running on the client-side.
Can cside work alongside my existing WAF without conflicts?
We monitor an entirely different dimension of the application stack; hence, there is no interference.
Does cside's JavaScript proxy add latency like a WAF does to all traffic?
cside only adds 8-20 milliseconds to specific dynamic JavaScript files we proxy, with static scripts cached for faster loading.
How does cside's approach compare to the complexity of managing a WAF?
cside is much simpler because we're only handling JavaScript files, not your entire web infrastructure.
What happens if cside's proxy goes down? Will my website break?
Your website will continue working as intended with our fail-open design and 99.99% uptime SLA.