Reflectiz Platform

Reflectiz Platform is a web application security solution focused on third-party risk management and digital supply chain visibility. It maps an organization's entire digital supply chain across web assets, analyzing each component to identify and mitigate third-party security risks. Key functional areas: **Digital Asset Inventory:** The platform automatically discovers and inventories all digital assets present in a web environment, including scripts, tags, and third-party applications. It monitors for any new additions and provides immediate notifications when changes occur. **Third-Party Behavior Analysis:** The platform analyzes what sensitive actions third-party components perform on a website, particularly in relation to personally identifiable information (PII) and user data. It validates third-party behaviors to detect unauthorized or suspicious changes and ensures that data is only processed by authorized vendors. **Data Flow Tracking:** The platform maps where data is being sent, tracking which domains and geo-locations receive it. This allows organizations to verify that data reaches only intended recipients and does not leave the organization without consent. **Alerting and Baseline Configuration:** Users can define a security baseline representing their approved ecosystem configuration. Any deviation from this baseline — such as new scripts, tags, or apps — triggers an alert. **Malicious Domain Blocking:** The platform supports blocking of malicious domains via API commands sent to a Web Application Firewall (WAF), and can automatically inject Content Security Policy (CSP) rules into targeted web pages.