Vendor Tagging

The scripts' vendors are tagged and linked to every incident that was caused by the script. A tagged vendor will be
referred to as a known vendor (not trusted). Code Defender detection considers known and tagged vendors and might change the risk
level accordingly.

Vendor Tagging List

A list of all the tagged vendors for a specific account can be found on the Vendor Tagging page, under Product Settings.

image.png

Each vendor in the table has:

  • Vendor / Service name - The assigned name for a specific vendor
  • Vendor / Service URL - The vendor domain - this field is used for the detection
  • Vendor / Service description - A short description on the vendor
  • Type - What kind of scripts this vendor is providing

By default, Code Defender tags well-known and common vendors.

Adding a Missing Vendor

Tagging Customer's Vendors

Customers can add their own information and tag specific known vendors, in order to identify scripts from vendors they are familiar with.
Tagging will affect the script's incidents risk levels.

To tag a vendor for a specific script:

  1. Analyze a script from
    a vendor you want to tag using the analyzer
  2. If the vendor is not tagged, click Add missing info.
    In the Analyzed Script & Incidents section.
    image.png
  3. In the dialog window, fill out all required fields and save.
image.png
  1. The vendor will be tagged as known (not trusted) and can be reviewed in the "Vendor tagging" table.