If you have a full protection license, and you have been accepting the recommended policies from Source Defense, you can rest assured that your website is protected from potential malicious behavior from scripts as best as possible without interfering with the functionality.
Regardless of your license, (whether it includes the Detect or Protect product,) you may follow the instructions below to monitor the observed script behavior and receive notifications of new behaviors.
If you have payment pages on your website, one must monitor these behaviors of scripts on those payment pages, in order to be compliant with PCI DSS 4.0, particularly to fulfill the requirement 6.4.3 of script integrity.
Monitoring script behavior
Source Defense continuously monitors the scripts running on your website and tracks it's behaviors and characteristics identified. Click here to read what are observed script behaviors and which Source Defense track.
When new script behaviors are identified, the notification bell icon, as seen in the image below, will represent these new findings. Note that the number in the icon will represent the total number of new observed scripts behaviors plus the number of scripts with a pending recommendation, the latter only relevant for the Protect product.
When hovering over the above bell icon, the Notifications overlay will appear. When clicking on the "new script behavior detected" you will be redirected to the Script List, filtered with new observed behaviors only, as seen in the image below.
Note that this display can be reached also by simply selecting the "New behaviors only" checkbox in the Scripts list view.
In order to see details on the newly found script behaviors, click on one of the scripts and drill down to reach the script page. Click here for more information on Scripts.
The Script Behaviors widget is on the right-hand side of the Script Detail page. Newly detected behaviors are listed first with the date the behavior was first identified. Click the "Manage" button to acknowledge script behaviors.
After clicking the 'Manage' button either from the Script behaviors widget or from the Status widget on it's left, the screen below with the details on the behaviors will appear.
The behavior detail view will show any new behaviors performed by the script in question with details such as the date the behavior was detected and what types of form elements (user inputs within a webpage) related to the detected behavior.
Clicking the "Acknowledge behaviors" button will cause Source Defense to treat these behaviors as the baseline for this script moving forward. Only new behaviors will be reported in the future.
Note that events who's behaviors are all acknowledged will automatically receive an acknowledged status as well, as seen below.
If you are a Source Defense Protect customer, you may have access to additional options such as managing script behavior with a policy, blocking script functionality altogether, or others.