Protect Your Website

Supply Chain Attack Detection

Your website’s security is only as strong as the weakest third party in your supply chain. If one is compromised, hackers can gain access to customer details on your website.

Am I At Risk? Magecart Monitor

How secure is your website supply chain?

A supply chain attack is one that targets vulnerabilities in common tools and resources such as chat plugins, ad providers, analytics and more.

These third parties often have scripts that load on popular ecommerce sites across the web. Yours might be one of them.

Supply-chain attacks – like those perpetrated by Magecart – then allow hackers to execute javascript on legitimate websites. Usually these scripts are designed to capture customer data like usernames and passwords, or credit card information.

Orchestrating Supply Chain Attacks

In recent years a number of hacker groups have adopted tactics such as supply chain attacks in order to steal customer data. We refer to these groups collectively as “Magecart”.

These attacks have become more frequent, and major brands have been targeted – including Ticketmaster.

Another high profile example is ad provider Adverline, breached in late 2018. Adverline’s breach compromised 277 websites using its ad software.

Push-notification provider Feedify was also targeted, with a Magecart script affecting around 300 websites using the service. Even after removing the malicious code Feedify was compromised several more times.

Whilst your customers browse and purchase on your website, scripts are loaded from third parties.

If a third party is compromised, hackers then have a way to write scripts affecting your website.

Hackers can then intercept customer card details without you even noticing.

Magecart: Are you at risk?

Discover if your business is vulnerable to this type of attack.

Am I At Risk?

Supply Chain Attack Detection

Without restrictive whitelists and tag management it’s very difficult to spot a supply chain breach. Many large sites operate dozens of third party tools in their source code, and any one could be the victim of a breach that compromises the entire parent website.

When a third-party script sends customer data to a new source – one you haven’t approved – we can detect it.

RapidSpike monitors where your website sends data.
If we see a new unknown destination, we alert you.

Simple, effective, foolproof.

Magecart Monitor »

  • Insider: Yorkshire's Most Exciting Companies
  • Northern Digital Awards 2019 Shortlist
  • KPMG Best British Tech Startup 2019: Northern Finalist
  • Prolific North Tech 100: Top 30 Companies to Watch
  • National Cyber Security Centre: Cyber Accelerator Alumni