All Vendors
marketing_automation

Insider

Insider deploys a comprehensive JavaScript Web SDK that captures detailed user attributes, behavioral events, and interaction data across websites. The platform operates as an AI-native Customer Data Platform (CDP) that unifies zero, first, second, and third-party data into unified customer profiles. The SDK powers real-time personalization, web push notifications, predictive segmentation, and cross-channel journey orchestration — meaning every interaction on an Insider-deployed site feeds a deep learning engine that predicts future behavior and modifies the user experience in real time.

2 IOCs
0
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what Insider discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

4 gaps

pending

HIGH
They Claim

Web SDK pre-consent data capture scope

Observed Behavior

Awaiting scanner verification of which events and attributes the SDK captures before consent is granted

pending

HIGH
They Claim

Service worker persistence via web push

Observed Behavior

Service worker installation for push notifications creates persistent device presence that needs forensic analysis

pending

MEDIUM
They Claim

Third-party data activation flows

Observed Behavior

The 100+ integration ecosystem and bidirectional warehouse connections require mapping to understand full data flow chains

pending

MEDIUM
They Claim

AI model training data sources

Observed Behavior

Whether predictive models are trained on cross-client data or isolated per-customer needs verification

Customer Impact

What This Means For You

If Insider is deployed on a website you use, the platform is capturing every meaningful interaction — what you view, what you click, what you search for, what you add to cart, and how you navigate. This behavioral data feeds an AI engine that predicts your future behavior, estimates your purchase likelihood, and automatically modifies what you see on the site. The personalization means you are not seeing the same website as other visitors; your experience is being shaped by Insider's algorithms based on your behavioral profile. Beyond the website, your data may flow through 100+ integrations to CRM systems, ad platforms, data warehouses, and communication channels — creating a cross-channel profile that follows you across email, SMS, push notifications, and paid advertising.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

Recommended Actions for Insider

  • - Inspect websites for Insider Web SDK deployment and assess what behavioral events are being captured before consent - Review whether web push notification opt-in installs a persistent service worker on your device - Assess the scope of Insider's 100+ integrations on sites you interact with to understand where your behavioral data flows - Request transparency on whether AI predictive models are trained on cross-client aggregated data or isolated per customer - Monitor for cross-channel identity unification that links your web behavior to email, SMS, and push notification interactions

Negotiation Leverage

  • Insider is a well-funded AI-native CDP with deep behavioral data collection and predictive capabilities. Key leverage points: (1) The AI-driven personalization engine modifies user experience without transparency — demand disclosure of what algorithms are influencing what visitors see. (2) The 100+ integration ecosystem with bidirectional data flows creates consent propagation challenges — require mapping of exactly which systems receive behavioral data. (3) Web push service workers create persistent device presence beyond browser sessions. (4) Predictive analytics (purchase propensity, churn prediction) represent algorithmic profiling that may trigger GDPR Article 22 automated decision-making provisions.
IOC Manifest

IOC Manifest

2 INDICATORS

Indicators of compromise across 2 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

No indicators in this category

Ecosystem

Ecosystem & Supply Chain

Insider operates as a full-stack customer experience platform with 100+ integrations across CRM (Salesforce, HubSpot), analytics (Google Analytics, Mixpanel), paid advertising (Google Ads, Facebook Ads, TikTok), e-commerce (Shopify, Magento), data warehouses (BigQuery, Snowflake), and communication channels (email, SMS, WhatsApp, web push). The platform's bidirectional data warehouse connections enable both data ingestion and export. Insider has raised $121 million in funding and claims enterprise clients across retail, travel, finance, and media. Common co-deployments include Google Tag Manager, Google Analytics, Facebook Pixel, and various e-commerce platforms.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

2 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details