BlueCross BLueShield
EE logo black
form jacking diagram

How it Works

The widespread use of JavaScript services has created a blind spot for security teams — until now.

Imperva’s Client-Side Protection gives security teams visibility and control over any third- party JavaScript code embedded in your web applications. Continuously monitoring all JavaScript services, it only allows pre-approved services to execute, meaning any new JavaScript services or changes are blocked until authorized. And, if any JavaScript code is poisoned, and attempts to send data elsewhere, your security team is the first to know.

identify approve

Identify and Approve Every JavaScript Service on Your Website

The explosion of third-party JavaScript services creates a lucrative client-side attack surface.

Imperva’s Client-Side Protection identifies all third-party services on a website, allowing security teams to know which JavaScript services are present. What’s more, decisions on which discovered services to allow are informed by deep insights into their reputation, putting their approval into the hands of the security team.

continuously monitor

Continuously Monitoring for New JavaScript Services

Websites are constantly improved and updated with new code and functionality, but security teams are typically blind to the execution of new services.

With around-the-clock continuous monitoring, Imperva’s Client-Side Protection alerts security teams to any new JavaScript services being executed, blocking them until they’re approved.


Provide Actionable Insights to Security Teams

Beyond identification, Imperva’s Client-Side Protection offers detailed insights about all JavaScript services on your website, including their reputation, and the types of resources requested.

This information helps security teams reach informed decisions before approving each JavaScript service.


Safe One-Click Deployment

Using Imperva’s Cloud Application Security solution stack, deployment of Client-Side Protection is safe, simple, and fast. Detection starts in minutes, and websites receive all the benefits of extra client-side security with no additional latency.

More importantly, because it requires no code changes, it won’t break your website.

Related Content

Key Resources

CSP blog resource

Imperva Prevents Client-Side Attacks like Formjacking and Magecart

Read Blog ›
CSP capability brief resources

Imperva Client-Side Protection

Capability Brief
Read Capability Brief ›