Monitor JavaScript Vulnerabilities

The Incident Inbox

All of your site’s browser events, in one location.

Skimming Code Detected https://badactor.com Found on: https://protectedsite.com

High Severity
1 Incident
Last Detected: Today

font-src third.party.com Content Security Policy Violation Found on: https://protectedsite.com

Medium Severity
1 Incident
Last Detected: Today

image third.party.com 3rd Party Web Request Found on: https://protectedsite.com

Low Severity
324 Incident
Last Detected: Today

No more issues reported

Get to know the incident inbox

Select an issue on the left and learn more about how otto categorizes the incidents and what you can do about them.

High Severity Incidents require careful review.

One example of a High Severity Incident is a Data Skimming—also known as e-skimming—attack. It's important to review these as soon as possible.

Click Block to make sure this issue gets shut down before it can cause a problem. It will always be blocked if it happens again.

Though otto may not have flagged these as imminent threats, review them carefully.

Medium Severity Incidents can come in the form of JavaScript vulnerabilities, or requests that violate your site's Content Security Policy.

Maybe this wasn't actually a problem, but you want to keep an eye on it. Click accept to allow it, but have it notify you if it happens again.

Low Severity means it's likely not an issue, but these might be of interest to you.

This example shows a 3rd Party Web Request, showing what asset was making the request and where it went. Your site probably has lots of these, but it's good to know when they happen.

You are expecting this to happen, click Ignore so you won't be alerted about it anymore.

JavaScript security and vulnerability monitoring

Static analysis, vendor audits, and whitelists aren’t enough to protect against dynamic attacks that steal money and data.

ottoBox takes the time and pain out of managing the security gap for the code you don’t own.

Protect the entire supply chain of your website

Code Injections

Data Skimming

Data Leaks

Malicious Redirects

XSS Attacks

Malware

Crypto Hijackers

Trojans

Not a security expert?
With ottoBox, you don’t have to be.

The Incident Inbox

All of your site’s browser events, in one location.

Get to know the incident inbox

High Severity Incidents require careful review.

Though otto may not have flagged these as imminent threats, review them carefully.

Low Severity means it's likely not an issue, but these might be of interest to you.

Start for free. Setup in minutes.

JavaScript security and vulnerability monitoring

Static analysis, vendor audits, and whitelists aren’t enough to protect against dynamic attacks that steal money and data.

ottoBox takes the time and pain out of managing the security gap for the code you don’t own.

Code Injections

Data Skimming

Data Leaks

Malicious Redirects

XSS Attacks

Malware

Crypto Hijackers

Trojans

Not a security expert? With ottoBox, you don’t have to be.

Get to know the incident inbox

High Severity Incidents require careful review.

Though otto may not have flagged these as imminent threats, review them carefully.

Low Severity means it's likely not an issue, but these might be of interest to you.

Start for free. Setup in minutes.

Not a security expert?
With ottoBox, you don’t have to be.