Can a WAF protect against supply chain attacks on third-party JavaScript libraries?

Ce site utilise des cookies et d'autres technologies qui nous permettent, ainsi qu'aux entreprises avec lesquelles nous travaillons, de collecter des informations sur votre appareil et votre utilisation du site afin d'assurer le bon fonctionnement, l'analyse et la publicité. Consultez notre avis sur les cookies pour plus de détails.

Pour en savoir plus, consultez notre politique de confidentialité et notre avis sur les cookies.

WAFs cannot protect against client-side supply chain attacks because they don't intercept the fetch to the 3rd party endpoint and therefore have no visibility into the JavaScript files from the 3rd party sources. When attackers compromise popular libraries or CDNs, the malicious updates continue to be delivered from the same trusted domains that your WAF has whitelisted. Your WAF sees legitimate requests to approved sources and allows them through, completely unaware that the content has been weaponized by attackers.

Questions connexes

Can cside work alongside my existing WAF without conflicts?

Yes, because client-side security monitors an entirely different dimension of the application stack.

Does cside's JavaScript proxy add latency like a WAF does to all traffic?

cside only adds 8-20 milliseconds to specific dynamic JavaScript files we proxy, with static scripts cached for faster loading.

How does cside's approach compare to the complexity of managing a WAF?

cside is much simpler because we're only handling JavaScript files, not your entire web infrastructure.

What happens if cside's proxy goes down? Will my website break?

Your website will continue working as intended with our fail-open design and 99.99% uptime SLA.