Skip to main content

How do I automate script justification?

  • Updated

Overview

The Automatic Script Justification feature helps you streamline script management by automatically applying justifications to both first-party and third-party scripts.

Instead of manually reviewing and justifying each script, Source Defense can handle this for you using:

  • AI - based analysis
  • Predefined justification managed by our research team

This reduces manual effort and helps maintain consistent governance across your site.

 

How It Works

When enabled, the system will:

  1. Detect scripts running on your website
  2. Analyze each script using Source Defense security and behavior analysis
  3. Automatically apply a justification after a configurable delay

 

Delay & Evaluation Process

  • The minimum delay for auto-justification is 24 hours (1 day)
  • During this time, Source Defense performs continuous analysis of the script, including:
    • Detecting critical behaviors
    • Identifying if the script’s domain is blacklisted
    • Monitoring communication with other domains, including third-party calls

If any issues are identified during this evaluation period:

  • The script will not be auto-justified
  • It will require manual review and justification

This ensures that automation does not override important security findings.

 

How to Enable Auto-Justification

  1. Go to your Site Settings
  2. Navigate to the Automation tab
  3. Under Script Justification:
    • Select “Auto Accept SD Justification for scripts”
    • Set your preferred delay (minimum: 1 day)
  4. Save your changes

What Happens After Enabling

  • Newly detected scripts will enter a pending state

  • During this time, you may see the message:

    “This script will soon be auto justified by the system”

  • After the delay:
    • If no issues are found → justification is applied automatically
    • If issues are detected → script requires manual action
  • All automatic actions are logged as performed by system

 

When Auto-Justification Will NOT Apply

Auto-justification is skipped if:

  • The script is detected with critical behaviors
  • The script’s domain (or a domain it communicates with) is blacklisted
  • Justification is configured at the first-party file level

In these cases:

  • The script will remain unjustified
  • You must review and justify it manually

 

Auto-justification applies not only to newly detected scripts, but also to existing scripts that have not yet been justified.

 

Best Practices

  • Review scripts flagged with critical behaviors promptly
  • Periodically audit justifications for compliance and accuracy