85% of the exploits detected last year were of third-party plug-ins”

71% compromised victims did not detect breaches themselves”

“Median number of days from initial intrusion to detection 87 days”

Trustedwave Global Security report


Third party companies are often the most vulnerable link in an organization security chain and almost always the least controlled one. Instead of targeting large websites directly, various attacks have shown how effective it is to target vulnerabilities in third-party companies. Security experts agree that using third party companies as the attack vector is on the rise, expecting to keep growing. Source Defense is the first ever SAAS platform that allows a site owner to set and enforce permissions, receive real time alerts and monitor third party vendors' behavior on their site. By removing the security considerations from third party integrations, we can save countless man-hours spent on tests and integrations, allowing sites to focus on generating revenues and new opportunities while keeping the site visitors safe and the site in high performance.
As expected market response to our product is amazing, and websites can't wait to start working with our platform.


Source Defense patent pending engine allows it to react in real time to each action a script is taking. Essentially each third party script has access to see only the elements that are allowed by the administrator. This very robust and immune methodology allows Source Defense to deal with multiple attack-vectors such as DOM events, elements attributes, CSS, cookies, move elements/nodes around the DOM, block/allow URL’s and much more
User tracking prevention
Source Defense allows you to decide if you want prevent vendors from placing their cookies on your users allowing them to identify them on other sites and re targeting them
Key logging prevention
Prevent vendors from recording the user’s key strokes, allowing them to save access data to restricted areas
Deformation protection
Prevent vendors from changing areas of your site they are not supposed to access, overwriting your data and controlling your site’s content
Sensitive areas access restriction
Prevent vendors from reading areas with sensitive information in them such as user information, user names and passwords.
Click jacking prevention
Prevent vendors from capturing clicks on your pages, allowing them to override the actual destination of a click and redirect it to their pages instead.


Our team has accumulated years of experience working with enterprise clients, building complex script solutions, working in technology companies, large publishers and networks. This experience gives us a unique perspective on the third party ecosystem and makes us a tailored team to tackle this problem once and for all.

  • Hadar Blutrich

    Hadar Blutrich - C.E.O

    Hadar worked with most of the major players in the industry, formerly Chief solution architect at LivePerson; he had led projects with industry giants such as Bank of America, Chase, Verizon and others

  • Avital Grushcovski

    Avital Grushcovski - V.P Product

    Avital is an expert in ad tech systems, worked for major publishers and ad tech companies, leading major projects from concept to market.

  • Gilad Ben-Dor

    Gilad Ben-Dor - Chief Architect

    After serving in the IDF’s best computer science unit, Gilad single handedly developed the core for a major ad server. his 23 years’ experience made him the best person to serve as the guiding hand behind our engine

77 Ha’Energia, Beer-Sheva.

Source Defense address77 Ha’Energia, Beer-Sheva 8470912, Israel

Phone +972-72-255-5793