How it Works
The widespread use of JavaScript services has created a blind spot for security teams — until now.
Imperva’s Client-Side Protection gives security teams visibility and control over any third- party JavaScript code embedded in your web applications. Continuously monitoring all JavaScript services, it only allows pre-approved services to execute, blocking any new JavaScript services or changes are blocked until authorized. And, if any JavaScript code is poisoned, and attempts to send data elsewhere, your security team is the first to know.
Identify and Approve Every JavaScript Service on Your Website
The explosion of third-party JavaScript services creates a lucrative client-side attack surface.
Imperva’s Client-Side Protection identifies all third-party services on a website, allowing security teams to know which JavaScript services are present. What’s more, decisions on which discovered services to allow are informed by deep insights into their reputation, putting their approval into the hands of the security team.
Continuously Monitoring for New JavaScript Services
Websites are constantly improved and updated with new code and functionality, but security teams are typically blind to the execution of new services.
With around-the-clock continuous monitoring, Imperva’s Client-Side Protection alerts security teams to any new JavaScript services being executed, blocking them until they’re approved.
Provide Actionable Insights to Security Teams
Beyond identification, Imperva’s Client-Side Protection offers detailed insights about all JavaScript services on your website, including their reputation, and the types of resources requested.
This information helps security teams reach informed decisions before approving each JavaScript service.
Safe One-Click Deployment
Using Imperva’s Cloud Application Security solution stack, deployment of Client-Side Protection is safe, simple, and fast. Detection starts in minutes, and websites receive all the benefits of extra client-side security with no additional latency.
More importantly, because it requires no code changes, it won’t break your website.
