JAVASCRIPT SECURITY
BLUECLOSURE
BULLETPROOF YOUR CODE.
PROTECT YOUR USERS.
www.blueclosure.com
BC DETECT / BC DETECT ENTERPRISE
THE LEADING PLATFORM FOR JAVASCRIPT SECURITY
AUTOMATION
[Figure labels: Client Side scanner, Control & Orchestrate, View Alerts, BC DETECT ENTERPRISE, NEW SCAN]
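function setMessage() {
  // location.hash is controlled by whoever builds the URL
  var t = location.hash.slice(1);
  // hash data reaches the jQuery selector; window.name reaches .html()
  $("div[id=" + t + "]").html("Message from the name" + window.name);
}
$(document).ready(setMessage);
$(window).bind("hashchange", setMessage);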
HTTPS://WWW.WEBSITE.COM
BC DETECT ENTERPRISE
BC Detect Enterprise is a product designed to automate client-side JavaScript security analysis, and to provide continuous integration with DevOps teams for testing web client-side security issues.
The following are the features of BlueClosure BC Detect Enterprise.
SCANNING AUTOMATION: BC Detect Enterprise comes with a spider engine able to crawl all the web pages of a domain, simulating user interaction. It can automatically analyse at run time all the code that is running on the DOM of the browser.
EXPLOIT GENERATOR: BC Detect Enterprise can now create a Proof of Concept that demonstrates the attack, for consultants who aren’t JavaScript experts but who come across potential issues whilst on other tests. It can also automatically label findings on successful exploit execution.
REPORT GENERATOR: scan results can be exported in PDF or CSV format. The auditor report comprises the list of all vulnerabilities with exploit PoCs. The developer report focuses on the information useful for fixing the vulnerabilities.
DUPLICATES HANDLING: duplicates are automatically aggregated into a single finding, saving the time spent reviewing all results. This is also useful in DevSecOps environments.
DevSecOps INTEGRATION SERVICES: the product comes with a REST API that gives users full scan control, findings notification, and details analysis and exfiltration.
[Figure labels: HTTPS://WWW.WEBSITE.COM, Client Side scanner, Control & Orchestrate, View Alerts, OPERATOR, BC DETECT BROWSER]
BC DETECT
BC Detect (DOMinatorPro NG) helps security testers to analyse and automatically discover DOM Based Cross Site Scripting issues thanks to its IAST Engine together with the Smart Fuzzer module.
BlueClosure is a suite of products that forms a JavaScript security platform for developers, auditors, testers and SOC teams to identify, detect and respond to JavaScript security flaws in the code.
DISCOVER JAVASCRIPT FLAWS BEFORE ANYONE ELSE DOES
Client side vulnerabilities like DOM based Cross Site Scripting (XSS) are currently the most widespread advanced attacks.
FIND CLIENT SIDE VULNERABILITIES EASILY
Dynamic execution flows, browser quirks, different interpreters: a few of the many factors that add up to the inherent difficulty of pinpointing JavaScript security flaws. Conventional tools cannot find them, and if you can't find a flaw, you can't fix it.
A DIFFERENT APPROACH FOR THE DETECTION
BlueClosure BC Detect implements an IAST approach, with run-time analysis of the data flow that is running in the browser.
BCDetect uses taint propagation so it is 100% sure the final data is controllable by a source.
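The taint propagation idea described above, sketched as an added example over the data flow of the setMessage() snippet shown earlier (this is not BlueClosure's code and not part of the brochure). Tainted, source, concat, sink and analyseSetMessage are hypothetical names, and the browser values are constructed.

```javascript
// Added example: minimal run-time taint propagation, runnable in Node.
// All names here are hypothetical; none of them is a BC Detect API.

class Tainted {
  constructor(value, sources) {
    this.value = String(value);
    this.sources = new Set(sources); // labels of attacker-controllable origins
  }
  // String operations return a new Tainted that keeps the origin labels.
  slice(...args) {
    return new Tainted(this.value.slice(...args), this.sources);
  }
}

// Mark a value as coming from a named source (e.g. location.hash).
const source = (label, value) => new Tainted(value, [label]);

// Concatenation: the result carries the union of every operand's labels.
function concat(...parts) {
  const labels = new Set();
  let out = "";
  for (const p of parts) {
    if (p instanceof Tainted) {
      p.sources.forEach((s) => labels.add(s));
      out += p.value;
    } else {
      out += String(p);
    }
  }
  return labels.size ? new Tainted(out, labels) : out;
}

// A sink records a finding only when the data reaching it is tainted.
function sink(name, data, findings) {
  if (data instanceof Tainted) {
    findings.push({ sink: name, sources: [...data.sources].sort(), value: data.value });
  }
}

// The setMessage() flow, replayed with constructed browser state.
function analyseSetMessage(env) {
  const findings = [];
  const t = source("location.hash", env.hash).slice(1);
  sink("$(selector)", concat("div[id=", t, "]"), findings);
  sink(".html()", concat("Message from the name", source("window.name", env.name)), findings);
  // Control case: a constant string reaching the same sink is not reported.
  sink(".html()", concat("Message from ", "nobody"), findings);
  return findings;
}

const demoFindings = analyseSetMessage({ hash: "#inbox", name: "constructed-window-name" });
console.log(demoFindings);
```

Each finding names the sink and the source labels that reached it, which is the source-to-sink evidence a developer needs to locate the fix.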
USEFUL INFORMATION FOR EASY FIXING
BCDetect adds more information about where the issue occurs in the JavaScript code. That gives developers more information about the specific code fix and the data flow.
BlueClosure is a registered trademark by Minded Security
Minded Security UK Limited
66 College Road, Harrow Middlesex. HA1 1BE
London - UK
VAT: UK 194 1370 06
Minded Security Srl
Via Duca D’Aosta, 20 - 50129
Firenze - Italy
More information:
info@mindedsecurity.com
http://www.mindedsecurity.com
Minded Security © 2017 - All rights reserved

BlueClosure BC Detect Brochure 2017
