How it works in practice

Example of detected incident

When someone tries to inject malicious code into your payment page, the browser enforcing your Content Security Policy reports the violation to Firstoken Monitor (via the report-uri in your policy), and you'll receive a report like this:

{
  "referrer": "https://your-store.com/",
  "blocked-uri": "inline",
  "disposition": "enforce",
  "line-number": 15,
  "source-file": "https://your-store.com/checkout/payment",
  "status-code": 200,
  "document-uri": "https://your-store.com/checkout/payment",
  "script-sample": "",
  "original-policy": "default-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; frame-ancestors 'self'; frame-src 'self'; child-src 'self'; worker-src 'none'; report-uri https://monitor.firstoken.co/v1/pages/E8178B09AF?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "violated-directive": "script-src-elem",
  "effective-directive": "script-src-elem"
}

What does this report mean?

  • An unauthorized inline script (blocked-uri: inline) attempted to execute on line 15 of the payment page

  • The CSP successfully blocked the execution (disposition: enforce)

  • The incident was automatically reported to Firstoken Monitor

  • Your team received an immediate email alert

Types of attacks we detect

Firstoken Monitor's advanced analysis engine can identify and classify multiple types of security threats:

High Priority Violations:

  1. Nonce/Hash Violations: Compromised security tokens or integrity checks.

  2. XSS Script Injection: External malicious JavaScript injection.

  3. XSS Inline Script Injection: Unauthorized inline script execution.

Code Injection Attacks:

  1. Not permitted use of Eval(): Dangerous eval() function usage.

  2. XSS Data Injection: Data-based cross-site scripting attempts.

  3. Iframe Injection: Malicious iframe embedding.

  4. Style Injection: CSS-based attacks.

  5. Inline Style Injection: Unauthorized inline styling.

  6. Malicious Worker: Web worker exploitation.

Advanced Threats:

  1. Data Exfiltration: Unauthorized data transmission attempts.

  2. Clickjacking: UI redressing attacks.

  3. Not allowed Image: Suspicious image loading from unauthorized sources.

Each detected violation is automatically classified, prioritized, and reported with detailed context to help your security team respond quickly and effectively.
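As an added example (not Firstoken's own code), the Python below parses a report like the one shown above and sorts it into the categories listed on this page. The labels are the page's; the rules mapping report fields to each label are this example's own assumption, since the page does not publish the engine's logic.

```python
import json

# Constructed sample report, modelled on the one shown above (not a real capture).
SAMPLE_REPORT = json.dumps({
    "blocked-uri": "inline", "disposition": "enforce", "line-number": 15,
    "document-uri": "https://your-store.com/checkout/payment",
    "original-policy": "default-src 'self'; style-src 'self'; img-src 'self'; "
                       "connect-src 'self'; frame-ancestors 'self'; worker-src 'none'",
    "violated-directive": "script-src-elem", "effective-directive": "script-src-elem",
})

# Labels follow the list above; which report fields trigger each label is this
# example's own assumption, not the product's published rules.
DIRECTIVE_LABELS = {
    "frame-ancestors": ("Advanced Threats", "Clickjacking"),
    "frame-src": ("Code Injection Attacks", "Iframe Injection"),
    "worker-src": ("Code Injection Attacks", "Malicious Worker"),
    "connect-src": ("Advanced Threats", "Data Exfiltration"),
    "img-src": ("Advanced Threats", "Not allowed Image"),
}

def classify(raw_report: str) -> dict:
    # Map one CSP violation report (report-uri JSON) onto the categories listed above.
    report = json.loads(raw_report)
    r = report.get("csp-report", report)  # browsers wrap the fields in a "csp-report" object
    directive = (r.get("effective-directive") or r.get("violated-directive") or "").split(" ")[0]
    blocked_uri = r.get("blocked-uri", "")
    family = directive.replace("-elem", "").replace("-attr", "")
    # Approximate CSP fallback (x-elem -> x -> default-src) to find the governing source list.
    governing = next((seg for key in (directive, family, "default-src")
                      for seg in r.get("original-policy", "").split(";") if seg.split()[:1] == [key]), "")
    nonce_or_hash = "'nonce-" in governing or "'sha" in governing
    if blocked_uri == "eval":
        group, label = "Code Injection Attacks", "Not permitted use of Eval()"
    elif directive.startswith("script"):
        if blocked_uri == "inline":
            group = "High Priority Violations"
            label = "Nonce/Hash Violations" if nonce_or_hash else "XSS Inline Script Injection"
        elif blocked_uri == "data":
            group, label = "Code Injection Attacks", "XSS Data Injection"
        else:
            group, label = "High Priority Violations", "XSS Script Injection"
    elif directive.startswith("style"):
        group = "Code Injection Attacks"
        label = "Inline Style Injection" if blocked_uri == "inline" else "Style Injection"
    else:
        group, label = DIRECTIVE_LABELS.get(directive, ("Unclassified", directive or "unknown"))
    return {"group": group, "category": label,
            "enforced": r.get("disposition") == "enforce",  # True means the browser blocked it
            "location": f"{r.get('document-uri', '?')}:{r.get('line-number', '?')}"}
```

Running classify(SAMPLE_REPORT) yields the "XSS Inline Script Injection" classification the page walks through; a report whose governing directive uses a nonce or hash is classified as "Nonce/Hash Violations" instead.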
