Silktide

Silktide exhibits full Oracle-Broker-Counselor threat convergence: accessibility testing infrastructure extended to comprehensive tracking. While it is marketed for compliance, its runtime deploys behavioral biometrics, session recording, cross-domain sync, consent bypass, and tag manager capabilities.

78 IOCs | 5 detections | 100% pre-consent | 4 sites

Vendor Risk Score: 70

How This Briefing Works

This report opens with key findings, then maps the gaps between what Silktide discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.

Key Findings


5 detections across 4 sites | 100% pre-consent activity
CRITICAL

Pre-Consent Activity

Silktide was observed loading and executing before user consent was obtained on 100% of sites where it was detected.

GDPR, ePrivacy

Disclosure Gaps

Claims vs. Observed Behavior

1 gap

compliance_surveillance

HIGH
They Claim

Pending claims extraction

Observed Behavior

Runtime shows accessibility testing infrastructure deploying comprehensive tracking before consent

Customer Impact

What This Means For You

Compliance teams gain accessibility testing but inherit comprehensive tracking liability (Oracle/Broker/Counselor). Legal teams face exposure from consent bypass justified by accessibility requirements. Security teams must evaluate whether compliance tools require behavioral surveillance or consent bypass for core testing functionality.

Recommended Actions

What To Do About It

Role-specific actions based on observed behavior

If You Use Silktide

  • Audit accessibility testing scope - verify separation from behavioral tracking
  • Map consent bypass justification - does accessibility require pre-consent activation
  • Document cross-domain sync scope and visitor data exposure
  • Verify DPA distinguishes accessibility testing from behavioral surveillance

If You're Evaluating Silktide

  • Require consent-first behavioral tracking with accessibility testing isolated
  • Demand technical proof that accessibility compliance requires consent bypass
  • Negotiate data isolation ensuring accessibility testing separate from visitor surveillance
  • Evaluate accessibility alternatives without behavioral tracking extension

Negotiation Leverage

  • Five active BTI codes: Demand DPA addressing each threat category
  • C09 accessibility justification: Require technical validation that compliance testing necessitates consent bypass
  • C07+C08 tracking extension: Accessibility testing should not require session recording or cross-domain visitor sync
  • Request written confirmation that accessibility data remains isolated from behavioral analytics
  • Alternative: Accessibility testing without behavioral tracking eliminates surveillance surface while maintaining compliance
Runtime Detections


5 BTI-C CODES

BLACKOUT observed this vendor's JavaScript executing in a live browser and classified each hostile behavior using our BTI-C (Behavioral Threat Intelligence — Capability) taxonomy. These are not theoretical risks — each code below was triggered by something we watched this vendor's code actually do.

  • BTI-C06 Behavioral Biometrics: Keystroke/mouse tracking
  • BTI-C07 Session Recording: Full session replay
  • BTI-C08 Cross-Domain Sync: Identity stitching
  • BTI-C09 Consent Bypass: Ignoring CMP signals
  • BTI-C15 Tag Manager: Container/loader (neutral)

IOC Manifest


78 INDICATORS

Indicators of compromise across 4 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.

Ecosystem

Ecosystem & Supply Chain

Silktide operates in the accessibility/compliance layer, potentially feeding data to analytics and monitoring platforms. This creates unique exposure when compliance testing infrastructure extends to behavioral tracking. Cross-domain sync enables centralized accessibility monitoring but exposes visitor behavior when sync occurs before consent.
Evidence

Evidence Artifacts

Artifacts collected during analysis, available with evidence-tier access.

HAR Capture

Complete network capture with all requests and responses

IOC Manifest

78 detection signatures across scripts, domains, cookies, and network endpoints
