A large percentage of web based attacks can be avoided with careful planning and implementation of the website's code. However, a large portion of attacks directly target the user's browser, where the protection imprinted into the server side architecture is many times not enough. This is the area where SessionBox helps you. A number of different attack methods base their attack vector on the fact, that users are already logged into other websites. Let's take an example. You are probably logged into Facebook. When you visit a site - let's call it example.com - this site runs many scripts inside your browser. Where you have active sessions for Facebook.com. This means that example.com can for example send requests to Facebook.com - where you are already authenticated - and make actions on your behalf. Moreover, example.com might be a trusted site, but they can also be attacked, and if they are not prepared against XSS attacks, a savvy hacker can inject their scrip