|
3.11 Script behavior details and acknowledgement screen
|
1 Script List
Script list shows the lists of scripts found on your account.
This list may be accessed either directly via the left menu or via the dashboard that may show the script list filtered based on predefined filters that may be adjusted manually. Notifications also may lead to this list filtered to display the relevant data.
You can set the rows per page to 5, 10 or 25.
The table columns are described below:
|
Column Heading |
Description |
| Script List (Table name) | List of 1st, 3rd, 4th+ party scripts found on the account. Click on a script to see list of sites where they appear. Click again on site to select site and see more details on selected script onsite. |
| Script Name | Script name, or script domain if script not yet identified. |
| Type |
1st – scripts hosted on and invoked directly by the website’s own domain. 3rd - 3rd party script invoked by website directly or by a tag manager. 4th+ - scripts that are invoked by a 3rd or higher party script. |
| Vendor | Company supplying the script |
| Category | Script category |
| Popularity | Script popularity |
| First Detected | The first time this event was detected on the site. |
| Last Detected | The most recent time this event was detected on the site. |
Clicking a Script entry opens a subsidiary window, called Script Site List, described in the next section.
2 Scripts Site List
Clicking a Script entry opens a subsidiary window with a further table, listing all the sites where this script appears:
The table columns are described below:
| Column Heading |
Description |
| Site | Site name |
| Type |
1st – scripts hosted on and invoked directly by the website’s own domain. 3rd - 3rd party script invoked by website directly or by a tag manager. 4th+ - scripts that are invoked by a 3rd or higher party script. |
| Behaviors | Script behaviors identified on this site. |
| First Detected | The first time this script was identified on this site. |
|
Last Detected |
The last time this script was detected on the site. |
| Policy |
Source Defense policy applied to script
|
|
Current status of script:
|
Note
Scripts will always remain in policy Monitored when using the Detect product. Other policies will be recommended and may apply only when using the Protect product, incluidng Block.
Clicking anywhere on the line opens the Script Page window.
For managing scipts that appear on multiple sites, see the relevant article(s):
How do I handle scripts that appear on multiple sites? [FAQ]
How do I authorize and justify scripts that appear on multiple sites? [FAQ]
How do I manage new script behaviors that appear on multiple sites? [FAQ]
3 Scripts Page Overview
The Scripts page shows the details of the script selected. A typical Scripts page looks like this:
The white part of the Scripts page concerns us here. For convenience, each section of the page is numbered:
There are twelve key parts of the script detail page:
- Title and status
- Type, source, and date
- Script description
- PCI justification
- Script status
- Recorded events
- Request map
- Domain risks
- Script popularity
- Observed script behaviors
- Domain information
- SSL certificate information
We look at each section in turn:
3.1 Title and status
The title is the script name. The status (in the figure, Identified) may change depending on what is done in the Script status widget below.
3.2 Type, source, and dates:
This line contains the following information:
-
Script category is one of –
- Advertising
- Analytics
- Developer Utilities
- Marketing
- Tag Management
- Video
- Script type – 1st or 3rd or 4th+ party
- Loaded by whom
- First detection date
- Most recent detection date
3.3 Script description:
The About section contains a script description (available online) as provided by the site-owner of the script under examination.
3.4 PCI Justification:
Scripts presented on payment pages must be justified to satisfy PCI DSS 4.0 Requirement 6.4.3. A script justification of up to 1,000 characters may be entered into the text box provided.
3.5 Script status:
The Script status section shows information about how the script is currently being managed by Source Defense, for customers with the full protection license. Clicking the "Manage" button will allow you to make changes to the current policy, if available, and to acknowledge new script behaviors, if new script behaviors are found.
For customers with the detection license, the only available status is Identified.
The ability to acknowledge and thereby track the script behaviors is avilable for all customers.
In order to ensure integrity as required by PCI DSS 4.0, script behaviors should be reviewed and if acceptable, acknowledged as to ensure alerts of new script behaviors identified.
When selecting manage, you will reach the script behavior acknowledgement screen found on section 3.11 Script behavior details and acknowledgement screen in this article below. This section will detail it's behavior.
3.6 Events:
These are events initiated by the script, with the first date/last date they were detected:
You may need to scroll horizontally to see the right-most date columns.
The table columns are described below:
| Column Heading | Description | ||||||||||
| Events (Table name) | Events are compiled from many types of signals Source Defense collects from the scripts’ behavior on the website. | ||||||||||
| Risk |
|
||||||||||
| Event Type | Event type is determined by what the script is doing on the website and the type of data being collected. | ||||||||||
| Exposed Users | Estimated number of users on the site exposed to this event. | ||||||||||
| First Detected | The first time this event was detected on the site. | ||||||||||
| Last Detected | The most recent time this event was detected on the site. | ||||||||||
| Status |
The status of the event, managed only by the user. The button "Reviewed" or "Re-open" will appear to change the event status to "Reviewed" or "Open", respectively. |
Clicking a down-arrow under Risk opens a further sub-display showing the event details:
Additional information about the event cause may be seen in the accompanying tooltip:
3.7 Script request map:
The Script request map shows the entire path from where this script originated i.e. it shows the scripts in an invocation hierarchy.
See section 2.5.6, Request map pane for further details.
3.8 Domain risks
The domain risk widget will show any relevant information about risks related to the domain from which the script is served, such as the domain appearing in a blacklist.
3.9 Popularity
Popularity is displayed as 1 to 3 green stars and popularity level. It has a tooltip as follows:
| # Stars |
Popularity Category |
Tooltip |
| 0 | Rare | The script was found in use by less than 100 websites. |
| 1 | Uncommon | This script was found in use by approximately 100 to 10,000 websites. |
| 2 | Common | This script was found in use by approximately 10,000 to 100,000 websites. |
| 3 | Popular | This script was found in use by more than 100,000 websites |
3.10 Script behaviorsThe Script behaviors widget (shown on the right) shows all of the behaviors Source Defense has observed this particular script performing. Behaviors that have been observed are marked in red (stating "Is" doing behavior), whereas behaviors that have not been observed are displayed in grey (stating "Not" doing behavior). A green shield icon on the behavior, as seen on the top behaviors on the right, represents behaviors whose risks are mitigated due to the script policy placed on this script. This is only relevant for those using the Protect product. A yield icon on the behavior, as seen on the behavior below, represent behaviors whose risks can be mitigated if the script policy is applied to the script. The policy feature is only available for those using the Protect product.
To track and monitor script behaviors, and to learn more about them, click on any of the script behaviors found and listed in the widget. This will open the screen below. For more information on the script behaviors, see the FAQ What are observed behaviors or observed script behaviors? [FAQ] |
3.11 Script behavior details and acknowledgement screen
The script behavior acknowledgement screen (shown above) allows you to acknowledge that the newly observed behaviors have been noted and that you do not wish to be notified of them again. Source Defense Protect customers may see additional behavior management options, as shown below:
3.12 Domain info:
Domain info shows its creation and expiry dates.
3.13 Other:
You may also see SSL info if the domain is validated with a certificate.