In short, it's your Google Analytics, your Facebook Connect, and any outside external services. Which services? They are the vendors and services you use to enhance your website, to provide your users with the best service and to monetize on it. Used for analytics, real-time chats, advertising or advance marketing; they are a must on almost every website today.
Good question, in fact, websites are doing such a good job today protecting all attack vectors that it becomes harder and harder to breach a websites security. In fact, some people think this is exactly why attacks through third-party scripts are rising. Our firewall, WAF, secure connection and many other solutions are focused on our servers and the communication between the browser and them; but as stated before, third-party scripts are executed on the user's browser but are called from a remote server, they are completely outside of our securities system's reach.
The "GDPR" or the "General Data Protection Regulation" is a set of rules and guidelines set by the EU union to protect the privacy of its citizens. Taking affect May 25th 2018, it states (in a nutshell) that a site is liable if any information able to identify an EU user is leakd outside of the EU, this also covers leaks or breaches made by third-parties used by websites. So, how can we help? As explained above (see "Why are third-party scripts dangerous?"), third-party scripts can access any field on the page, this includes any form a website has like login forms, registration forms and so on. These forms hold information that if leaked, will constituted a breach of the "GDPR". Source Defense's Vice is the only system today that allows a website owner to prevent third-party scripts from accessing sensitive areas and can protect such information.
Source Defense's Vice was built to be "transparent" to your third parties, we require no special cooperation in order to work with them.
Malvertising (a portmanteau of "malicious advertising") is the use of online advertising to spread malware. Malvertising involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages.