Threat Detection
Learn how cside's detection engine identifies malicious scripts and automatically alerts your team via email.
cside includes a built-in detection engine that continuously monitors third-party scripts on your site for malicious activity. When a threat is identified, cside automatically sends an email alert to all users on your team.
All user emails are automatically opted in to threat detection alerts. There is no way to opt out of these notifications — this ensures that every team member is immediately aware of potential security threats.
How it works
cside’s detection engine analyzes every third-party script loaded on your site using multiple detection methods. When a script is flagged as malicious, an alert is generated and emailed to all team members automatically.
Detection methods
cside uses a layered approach to identify malicious scripts:
Known bad sources
Scripts are checked against databases of known malicious sources, including:
- Hostnames — domains known to serve malicious content
- URLs — specific URLs that have been flagged as malicious
- IP addresses — IP addresses associated with malicious activity
Known bad payloads
Script content is compared against known malicious payloads using:
- File hashes — SHA-256 and other hash comparisons against databases of known malicious script payloads
Dynamic threat analysis
cside uses proprietary parameters to perform dynamic threat analysis on scripts, detecting threats that may not yet be cataloged in static databases.
AI-based detection
cside leverages AI models to detect novel and sophisticated threats, including:
- Obfuscated malicious code — scripts that attempt to hide their true intent
- Zero-day threats — previously unknown attack patterns
- Behavioral anomalies — scripts that deviate from expected behavior patterns
Email alerts
When a malicious script is detected, cside automatically sends an email alert to every user associated with your team. These alerts include details about the detected threat so your team can take immediate action.
Email alerts for threat detections are mandatory and cannot be disabled. This is by design — ensuring that all team members are notified of malicious scripts is critical to maintaining the security of your site.
Threat detection vs. vulnerability detection
cside offers two complementary security features:
| Feature | Threat Detection | Vulnerability Detection |
|---|---|---|
| What it detects | Actively malicious scripts | Scripts with known CVEs or advisories |
| Detection method | Known bad sources, payload hashes, dynamic analysis, AI | Version matching against vulnerability databases |
| Alert delivery | Automatic email to all users | Dashboard alerts and configured notification endpoints |
| Example | A script serving a cryptominer from a compromised CDN | lodash 4.17.21 with a prototype pollution CVE |
Both features work together to provide comprehensive protection for your site’s third-party scripts.
Thanks for your feedback!