HUMAN Code Defender

Additional Info

CompanyHUMAN Security, Inc.
Company size (employees)100 to 499
Headquarters RegionNorth America
Type of solutionCloud/SaaS


HUMAN Code Defender is a client-side web application security solution that provides comprehensive, real-time visibility and granular control into your modern website’s client-side supply chain attack surface. Using behavioral analysis and advanced machine learning, Code Defender identifies vulnerabilities and anomalous behavior, enabling enforcement of regulatory compliance. It provides comprehensive client-side mitigation, partnering granular control over legitimate JavaScript with Content Security Policy (CSP) mitigation capabilities. This multilayered protection lets security teams both block specific actions in a script without blocking the full script, and block unwanted scripts entirely.

Digital skimming is one of the fastest growing attack types, as evidenced by the acceleration of Magecart attacks and compliance penalties on major brands like Macy’s and Procter & Gamble’s First Aid Beauty. British Airways specifically faced a GDPR fine of over $220 million. Industry estimates state that about 70% of website front-end code consists of third-party scripts, creating an easy target for attackers. And according to Osterman Research, only 8% of organizations have full insight into the first-, third- and Nth-party code that runs on their web application.

Code Defender provides full visibility into the scripts running on your site including how they are interacting, additional scripts they are using, and any exposure details. These insights identify high-risk PII, PCI and vulnerability incidents so response teams can act fast and prevent data leakage or loss. The solution inventories and baselines known expected behavior, and then applies machine learning models to help identify new malicious, suspicious or anomalous behavior that warrants attention with appropriate severity levels based on the level of perceived risk to a website. Code Defender runs 24/7/365, giving security operations teams real time visibility and control over all downstream client-side risks, freeing up application development teams to focus on innovation.

How we are different

- Unmatched Accuracy: Unlike other solutions that rely only on manual code reviews or external scanners, Code Defender continuously monitors and analyzes the behavior of all client-side scripts in real users’ browsers. It runs on the Human Defense Platform, a highly accurate, self-learning solution with real-time decision-making capabilities.
- Deployment Flexibility: The Human Defense Platform offers seamless and lightweight integration with existing web or mobile applications and infrastructure, without the need to install an in-line appliance or add a reverse proxy to the traffic flow. Code Defender easily integrates into the modern tech stack and rapidly scales with businesses’ technology to match their growth.
- Real-time Security Operations and Services: HUMAN functions as an extension of an IT or security team and offers best-in-class service and responsiveness, fully tailored onboarding and 24/7/365 security analyst oversight. HUMAN’s Satori Threat Intelligence Team additionally offers data-driven, actionable, evidence-based guidance and context on investigations and bot attacks for customers (confidential) and security practitioners (public). The team has led takedowns of several cybercriminal organizations with Google, the FBI and others, including PARETO, 3ve and Methbot, that caused millions of dollars in damages.