ISM-1485 – Technical Resolution Guidance
What is ISM-1485?
Web browsers do not process web advertisements from the internet.
Background
When users visit a webpage containing advertisements, the browser fetches the ad content from the server hosting it and displays it on the page. This process typically includes loading JavaScript code, images, or other media files that form the ad.
Many browsers also offer ad-blocking features or extensions, allowing users to filter out advertisments.
Applicability
This control is relevant to the following:
- Maturity Level 1, 2, and 3 Controls
Evaluation Results
Status | Description |
---|---|
Effective | Web browsers are installed and is able to prevent more then 60% of advertisment providers. A green score indicates a satisfactory level of protection. |
Ineffective | Web browser are installed and the test is not able to prevent more then 60% of advertisment providers. |
Not Applicable | Web browser are not installed on this device. |
Testing Parameters
SecurE8 Auditor verifies which advertisment providers are permitted by running the adblocker tester on this page accross each common browser. The results during testing are saved as an artifact for you to review.
The following browsers are supported:
Make | Browser | Versions |
---|---|---|
Chrome | * | |
Microsoft | Edge | * |
Mozilla | Firefox | * |
Brave Software | Brave | * |
Remediation Steps
Method 1 Install an AdBlocker extension on each browser.
Method 2 Perform blocking at the internet gateway.
Validation Process
Validate ad blocking effectivness by using the tester on this right side of this page.
Risk Consideration
This control's risk posture balances user experience, privacy, and security, addressing risks like malvertising, privacy concerns, and ad-blocking limits, with mitigations such as ad-blocking, privacy settings, and secure browsing.
The following is a live on screen ad-blocker test. SecurE8 will capture these results and provide them in the Essential Eight report.
To ensure a smooth experience, please check the compatibility list before testing.
I ask that you please refrain from reporting them directly to the browser or adblock solution provider.
Instead, I encourage you to report problems directly to the Toolz project issues
Create issue on Toolz
Cosmetic Filter
Why Cosmetic Filter test fails?
If a cosmetic filter test fails, it simply means that the specific website being tested (in this case secure8.app) isn't included in any of adblock's rules or lists.
It's important to note that this does not mean that cosmetic filtering fails on all websites.
You can confirm this by visiting a popular, ad-rich site where you're unlikely to see any ad boxes.
The purpose of this test is to assess the functionality of the blocking feature, not to determine its scope or coverage. By adding the following rules to your adblock solution, you may be able to solve the problem:
secure8.app##.adbox.banner_ads.adsbox
secure8.app##.textads
Adding these rules could lead to a successful test result proving your adblock solution have that feature of blocking with cosmetic filters
Ad Scripts Loading
Why Ad Script Loading test fails??
Same as the cosmetic tests. If an ad script load test fails, it usually means that the specific website being tested isn't covered by any of adblock's rules or lists, especially for blocking ad-related scripts like my fake ads.js
However, this error doesn't indicate a general failure of ad script blocking on all websites.
To check, you can visit a popular website known for its abundance of ads scripts.
Chances are that you won't encounter any blocked ad scripts. It's important to understand that this test is designed to evaluate the functionality of ad script blocking, not its scope or effectiveness. To potentially fix the problem, consider adding the following rules to your adblock solution:
/pagead.js$domain=secure8.app
/widget/ads.
Adding these rules could lead to a successful test result proving your adblock solution have that feature of blocking script loading