Imperva Client-Side Protection

Additional Info

Company size (employees)1,000 to 4,999
Type of solutionSoftware


The widespread use of JavaScript services on web applications has created a blind spot for security teams—until now.

Imperva’s Client-Side Protection gives security teams visibility and control over any third party JavaScript code embedded in their web applications.

Imperva’s Client-Side Protection continuously monitors which JavaScript services are present and only allows those pre-approved to execute. Better still, any new service or changes are blocked until authorized, and if any JavaScript code is poisoned and attempts to send data elsewhere, your security team is the first to know.

Deployment of Imperva’s Client-Side Protection is both safe, simple and fast using Imperva’s Cloud Application Security solution stack. Detection starts in minutes, and websites receive all the benefits of extra client-side security with no additional latency. More importantly, because it requires no code changes, it won’t break your website.

How we are different

- Identify and approve every JavaScript service on your website: During Discovery, Imperva’s Client-Side Protection identifies all third-party services on the website. This visibility allows the security team to easily know which JavaScript services are present. In addition, the deep insights into the reputation of each discovered service help decision making on which to allow. Ultimately, the approval of each service is in the hands of the security team.

- Continuously monitor for new JavaScript services: Imperva’s Client-Side Protection works around the clock. With continuous monitoring, the security team is alerted to any new services being executed, and all new services are automatically blocked until approved by the security team.

- Provide actionable insights to security teams: Beyond identification, Imperva Client-Side Protection offers detailed insights into all JavaScript services on your website. The reputation of every service is provided and the types of resources requested are known. Rich information is provided to help security professionals make informed decisions before approving each JavaScript service.