All Vendors
abm

RollWorks

RollWorks (now branded AdRoll ABM, owned by NextRoll) is an account-based advertising platform that deploys a tracking pixel on customer websites to identify companies, build behavioral profiles, and retarget visitors across ad networks. NextRoll operates a cross-device identity graph built from hashed emails and persistent identifiers, enabling visitor tracking that survives cookie deletion. The platform explicitly markets itself as capable of reaching visitors who block ads or reject cookies via server-side tracking, directly circumventing user-expressed privacy preferences.

3 IOCs
0
Vendor Risk Score

How This Briefing Works

This report opens with key findings, then maps the gaps between what RollWorks discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings

Analysis pending. Findings will appear here once intelligence collection is complete.

Disclosure Gaps

Claims vs. Observed Behavior

2 gaps

pending

MEDIUM
They Claim

Awaiting scanner verification

Observed Behavior

RollWorks pixel runtime behavior, cookie deployment timing relative to consent, and cross-device graph contribution patterns require direct observation via BLACKOUT scanner

pending

HIGH
They Claim

Cross-device identity graph scope

Observed Behavior

Full scope of data sharing between RollWorks ABM pixel data and AdRoll consumer retargeting network needs runtime verification

Customer Impact

What This Means For You

If you visit a website running the RollWorks pixel, your browsing behavior is captured and fed into NextRoll's cross-device identity graph. If you have ever interacted with any site in the NextRoll network (including AdRoll-powered retargeting), your hashed email and device identifiers may already exist in the graph, enabling cross-site profile linking. You will be retargeted with display advertising across the web based on your visit. If you use ad blockers, NextRoll's server-side tracking infrastructure is designed to circumvent those preferences. For organizations deploying RollWorks: your website visitors' data contributes to NextRoll's broader identity graph shared across all NextRoll customers, meaning you are feeding a shared surveillance infrastructure, not just your own ABM program.
Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

Recommended Actions for RollWorks

  • Audit whether the RollWorks pixel loads before or after consent is collected on your website. Review your privacy policy to confirm NextRoll/RollWorks is disclosed as a data processor with cross-device tracking capabilities. Assess whether visitor data contributed to the NextRoll identity graph can be retrieved or deleted upon request. Evaluate the data sharing relationship between your RollWorks ABM deployment and the broader NextRoll/AdRoll network. Confirm that state-specific data collection blocks (Colorado, Connecticut) are properly applied to your deployment. Request documentation on exactly what data from your website enters the shared identity graph versus staying within your account.

Negotiation Leverage

  • RollWorks' leverage point is the shared identity graph. Data collected on your website feeds NextRoll's cross-network identity asset used by all their customers. When negotiating: demand contractual isolation guaranteeing your visitor data does not enrich the shared identity graph. Require pixel deployment to be consent-gated with no pre-consent data collection. Push for transparency on which data points from your deployment enter shared NextRoll infrastructure versus remaining account-isolated. The platform's 30-day privacy notice requirement demonstrates they expect regulatory scrutiny -- use this as leverage to demand stricter data handling terms. RollWorks competes directly with Demandbase and 6sense for ABM ad budgets, giving you alternatives that create real switching leverage.
IOC Manifest

IOC Manifest

3 INDICATORS

Indicators of compromise across 2 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

No indicators in this category

Ecosystem

Ecosystem & Supply Chain

RollWorks operates within the NextRoll ecosystem alongside AdRoll, sharing identity graph infrastructure and ad serving capabilities. CRM integrations include Salesforce and HubSpot for account matching and campaign attribution. The platform connects to marketing automation tools for lead routing based on account engagement. RollWorks deploys advertising across programmatic display networks, social platforms, and its own ad exchange. The NextRoll identity graph spans both RollWorks (B2B ABM) and AdRoll (B2C retargeting), creating a cross-context identity asset. RollWorks is commonly deployed alongside other ABM tools (Demandbase, 6sense) as the advertising execution layer, meaning account identification signals from multiple platforms converge on the same ad targeting infrastructure.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

3 detection signatures across scripts, domains, cookies, and network endpoints

Vendor Details