Client-side Mitigation

Client Side Mitigation (CSM) is a client-side JavaScript-based blocking functionality. This provides granular control over legitimate scripts, so the customer can add specific actions to the denylist and enforce compliance with PCI, PII, and other privacy regulations.
Security teams can add to denylist specific actions and stop scripts from accessing sensitive PII and PCI information without removing or disabling the script entirely.
This lets third-party scripts, such as Google Analytics, continue to receive approved events and data points, while blocking access to sensitive data fields, like emails, phone numbers, credit card information, and SSN.

How does CSM work?

In essence, our Client Side Mitigation solution is based on the browser native object extension mechanism and wrapped browser objects. This allows us to observe and prevent (if necessary) actions such as field value access, network requests, and Cookie setter.

📘

Note

If CSM is not enabled on your account, reach out to your Technical Account Manager.

How to add actions to a deny list

1. Either on the Dashboard or the Analyzer screens, click an incident. In the menu that opens, select Add to deny list (block incident).

2. In the Block & Add to denylist window that opens, click Add to denylist

A new mitigation rule is added to the list of rules.

To view and delete denied actions, go to the Deny List page.
Since actions can be related to more than one incident, adding an incident to the denylist also affects other incidents.