Jscrambler Recognized as a Sample Vendor in 2022 Gartner® Hype Cycle™ for Application Security

Jscrambler was recognized as a Sample Vendor in the 2022 Gartner Hype Cycle for Application Security.

Each year, Gartner creates more than 100 Hype Cycles across various domains to help clients track the maturity and future potential of innovations.

The Hype Cycle for Application Security, 2022 edition, states that:

“Client-side attacks have proliferated recently, exploiting the increasingly decentralized design of modern applications. In particular, single-page applications migrate the control and software logic on the client side, where it is exposed to attacks. For example, by injecting malicious scripts into JavaScript applications, attackers have lured thousands of visitors to banking and online commerce websites into handing over their credit card information. Client-side security innovations protect from attacks by monitoring the activity and detecting malicious actions and components.”

Jscrambler in the Web App Client-side Protection category

Jscrambler is pleased to be included as a Sample Vendor in the Web App Client-Side Protection category.

We think it’s important to shed light on the growing importance of this frequently overlooked security threat.

Most of the attention in recent years has been paid to network and server-side security, which is good and necessary. Unfortunately, the client side is often left behind, and it shouldn't be since it is a huge attack surface that provides an easy front door for adversaries.

The report gives Web App Client-Side Protection a high benefit rating and indicates 5%–20% market penetration.

When you consider that any enterprise that has a public-facing application on its website is a target, much can and should be done to close this security gap.

In the report, based on the analysis done by Dionisio Zumerle, he recommends that organizations implement client-side security protection for critical web applications that are used to carry out bookings or transactions. Do so by monitoring JavaScript and identifying malicious, unsanctioned, or abnormal behavior.

We couldn’t agree more with this.

All application components that are running on the client side create a significant security blind spot. The average website today runs dozens of third-party scripts, representing about 70 percent of the code of all web applications.

While these scripts were likely voluntarily added by companies to improve the users’ experience or collect data, security teams often don’t know what all the scripts are doing or how they’re accessing user or company data.

Since there is little visibility into client-side activity, any threat or misconfiguration that leaks data can go unnoticed for long periods of time and have a huge impact on the company. Learn more about how your code dependencies expose you to web supply chain attacks.

We recommend that organizations get control over their client-side security to avoid data leakage, financial and reputational damage, and regulatory fines. Start by taking inventory of your website scripts with a technology that:

• Monitors every user session in real-time to detect malicious scripts and their sources.
  
  

• Reacts with a fine-grained rules engine that provides full control over every script, enabling you to block suspicious outbound activity.
  
  

Experience the power of Jcrambler’s web application client-side protection today.

Gartner Disclaimer

Gartner and Hype Cycle are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission.

All rights reserved. Gartner does not endorse any vendor, product, or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designations. Gartner's research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.