Additional Info

Company size (employees)50 to 99
Headquarters RegionNorth America


Source Defense is a security, compliance, and performance optimization platform for any website that collects sensitive data. It addresses a ubiquitous gap in the management of third-party digital supply chain risk with a zero-trust model that extends security beyond the network to the client-side. Source Defense is the leader in what Gartner has dubbed “web application client-side protection.” The platform protects leading organizations in financial, healthcare, hospitality, and retail markets from the threat of JavaScript-based attacks such as Magecart, digital skimming, credential harvesting, and click-jacking.

Powered by the Source Defense Platform, its comprehensive product suite – the ADMIN management console, the VICE prevention and protection solution, and the Website in Page Protection (WiPP) solution – detects client-side threats, protecting online businesses, their websites, and their customers before they’re affected while simultaneously improving operational efficiency and providing an optimal user experience.

Founded in 2014 and headquartered in Israel and the U.S., Source Defense protects approximately 1.5 billion monthly visitors on customers’ websites by detecting and securing hundreds of third-party scripts. The company has established an extensive channel program with well-positioned resellers and distributors, as well as several strategic partnerships with major forces in security – including Optiv, SecurityScorecard, Fastly, Signal Sciences, Outpost24, and the PCI Security Standards Council.

Source Defense has enjoyed tremendous momentum and growth over the past three years – achieving over 250% year-over-year growth in Annual Recurring Revenue (ARR) in 2019/2020, an even higher growth in bookings including multi-year deals, and 100% customer retention. The company is also continuously expanding its talent pool and doubling down on growth in its sales, marketing, and support teams.

Complementing its innovative offerings, Source Defense holds a monthly Cyber Academy featuring interactive sessions for website security professionals that provide all the basic and intermediate knowledge and controls needed to understand client-side security.

How we are different

• While security measures such as application security validation or dynamic application security testing are able to evaluate the integrity of the designed JavaScript call function, they are not designed to test every use case or operate dynamically, nor can they test the code residing on a third-party or fourth-party remote server or provide real-time scanning of all web traffic.

Similarly, content security policy (CSP) and subresource integrity (SRI) features can be powerful tools for website protection and data management, but their significant shortcomings such as limited threat protection, time-to-market delay, etc. impact website owners’ ability to use them effectively against top client-side attacks.

Finally, detection-only solutions can monitor and alert about suspected malicious code in JavaScript running on the client-side, but they don’t prevent an attack from being successful.

• In contrast, the Source Defense first-of-its-kind, patented Website Client-Side Security Platform detects, protects, and prevents client-side web app attacks without adding operational burden for the cybersecurity team, slowing time-to-market with new third-party capabilities or content, generating thousands of false positives that must be investigated, or negatively impacting website performance or customer experience.

Based on machine learning and industry best practices, Source Defense’s prevention-first solution uses real-time, client-side sandboxing in conjunction with permissions-based isolation and reflection to prevent successful data exfiltration or leakage and to provide customers with a fully automated and dynamic set of rules and policies that control access and permissions of first-party Scripts and all JavaScript-based third-party tools operating on their website.

• As the market leader, Source Defense is protecting nearly 1.5 billion monthly site visits and transactions for some of the world’s largest businesses. The firm has not only eliminated risks and thwarted attacks for early adopters, but also prevented approximately 2 billion JavaScript violations of security and compliance policies from occurring in the process.