Most Flexible & No-Nonsense Solution for 6.4.3 & 11.6.1

Meet the new payment page requirements of PCI DSS 4.0.1 without breaking your back or your bank

PCI DSS 6.4.3 and 11.6.1 Requirements

Trusted By Leading US Brands

100 Billion+

CSP Reports Processed

20 Billion+

Page Views Protected

1 Million+

Remote Scans Executed

Zero-Trust & Zero-Risk Monitoring Modes

We offer two primary monitoring modes, both designed with a Zero-Trust approach to help you meet 6.4.3 and 11.6.1 compliance without adding any additional risk.

Remote Scanning

We periodically visit your payment page remotely to analyze and collect script and page data needed for security monitoring—without requiring any installation or access to your customer data.

No installation or setup needed

No access to customer data

Hourly scans

JavaScript Agent

You can self-host our JavaScript Agent on your servers to eliminate the risk of adding a new third-party script to your payment page. The communication between the agent and our servers is fully transparent and can be easily reviewed to confirm that no customer data is collected.

Option to Self-Host Agent

You have full control

Transparent communication channel

Content Security Policy

Unlimited CSP Report Monitoring complements the two primary monitoring modes, providing enhanced security coverage

Fast Onboarding

Once the monitoring is set-up, the only action needed from your end is to provide Justifications for the scripts, everything else handled by the system automatically

Only Action needed is Script Justification

Review the Script Inventory entries, provide justification for them and set their status as ‘Justified & Authorized’

Auto-generated Script Justification Suggestions

Domdog automatically suggests a Justification for most of the popular scripts, you can use this as is or as a template to create your own

Multi-site Script Justification Manager

Manage Script Justification for all your sites in minutes from a single page without performing repetitive actions

Low Maintenance

The system demands very little action from you on an ongoing basis.

Your intervention is needed only when something critical happens.

Discovery of New Scripts on Payment Pages

Script justification for new scripts discovered
Action:Review & Provide Justifications

Detection of Malicious or Suspicious Activity

Action needed for malicious scripts
Action:Investigate & Take Corrective Action

Most regular alerts are only informational

Informational scripts do not require actions

Stay on top of critical alerts.

We offer multiple channels for alert notifications. In addition to Email and Slack we also support WebHooks, so you can integrate this with any system of your choice.

  • email
  • make
  • slack
  • zapier

Single Page Evidence Report

Single Page Evidence Report Demonstration

Exhaustive Report

Includes exhaustive information about the details of the implemented security controls along with additional information like:

  • User Action Audit Trail
  • CSP Policies Discovered
  • Script URLs

Export as PDF

The single-page evidence report can be easily exported as a PDF and submitted to your auditor.

Domdog Makes Page Security Easy

Step 1

Expert Guidance

Leverage our 15+ years of front-end security expertise as we discuss your scope and deployment constraints.

Step 2

Implement Tailored Solution

We work with you to implement and fine-tune Domdog for you, making it simple to meet the 6.4.3 & 11.6.1 requirements.

Step 3

Be Audit Ready

Once everything is in place, you'll have access to your single-page evidence report from the dashboard to share with your QSAs.