Every time your user or visitor loads your website or web application, they don't only load components from you, but also components from the wider web and third-party vendors. You only have visibility on what is happening server-side, not what is actually being loaded into the user's web browser.
Similar to how a Web Application Firewall (WAF) proxies HTTP requests, cside proxies JavaScripts you ordinarily have no control over today. This lets us see exactly what the user sees.
Attackers can't provide a clean script to security solutions and a bad script to users. We get the exact copy of the payload, deobfuscate it, and run it against detection systems including LLM-based analysis.
We look at how code executes, not just what it does. This helps differentiate between legitimate tracking scripts and malicious behavior with similar technical patterns.
Monitor marketing, analytics, and payment scripts without breaking checkout flows.
Protect user data while maintaining performance for global applications.
Ensure third-party integrations don't compromise sensitive payment data.
Maintain HIPAA compliance while using essential third-party services.
While both use proxy technology, cside's hybrid proxy is purpose-built for JavaScript security.
| Feature | cside Hybrid Proxy | Web Application Firewall (WAF) |
|---|---|---|
| What it proxies | Only specific third-party JavaScript files | All HTTPS traffic to your entire website |
| Impact on main site | Zero impact - your main site traffic is untouched | Sits between users and your entire website |
| Configuration complexity | Simple - just add NPM package or script tag | Complex - requires managing rules for all traffic, SSL certificates, content types |
| Failure mode | Fail-open: scripts fetch from original sources | Entire website becomes unreachable |
| Latency added | 8-20ms only for proxied dynamicscripts (static scripts cached and faster) | Adds latency to every single request |
| Security focus | Client-side JavaScript threats and behavior | Server-side inbound request protection |
| Works alongside existing security | Yes - complements WAF and other tools | N/A - handles different layer |
FAQ
Frequently Asked Questions
Think of it this way: a WAF sits between your users and your entire website, proxying all HTTPS traffic. cside's hybrid proxy is much more targeted and only proxies the JavaScript files from third-party sources, leaving your main website traffic completely untouched. Your users connect directly to your website as normal, but when their browser requests a third-party script, that single request gets routed through our proxy for analysis before delivery.
Yes, that's why we call it a hybrid proxy. We designed cside as a hybrid proxy, meaning you have granular control over which scripts get proxied and which don't. Critical scripts like Stripe, PayPal, Google Pay, or Intercom can be set to bypass our proxy entirely with capture-only mode, while newer or less trusted scripts get the full proxy treatment. This flexibility means you can allow the scripts you trust and proxy the scripts you're most concerned about or have not seen before, and expand coverage as you become more comfortable.
No, your website will continue working normally as we only intercept third-party scripts, which are usually not render-blocking, and we will not stop scripts from being served during an incident. cside has a fail-open design with a 99.99% uptime SLA, but if there's ever an issue, JavaScript requests automatically fall back to fetching directly from their original sources. This is completely different from a WAF failure, where your entire site becomes unreachable. We've designed the cside platform to enhance security without creating single points of failure for your website's core functionality.
Your website will continue working as intended. cside has a fail-open design with a 99.99% uptime SLA, but if there's ever an issue, JavaScript requests automatically fall back to fetching directly from their original sources. This is completely different from a WAF failure, where your entire site becomes unreachable. We've designed the cside platform to enhance security without creating single points of failure for your website's core functionality. We knew from the start that this was an important requirement.