The Code Defender setup process is closely assisted by your personal Solutions Engineer who will go through each step with you and ensure your configuration functions properly.
There are two parts to the setup process:
You can get started with the steps below.
<head> tagTo get started, you first need to create an account and log in to the HUMAN console. This gives you access to your application, dashboard, and other information you need for the rest of the onboarding process.
By now, you should have received an email from HUMAN with an invite link to the console. To set up your account:
If you don’t see an email from us, check your spam folder. If it’s still missing, contact us directly to send you a new invite.
That’s it! Once you confirm your application appears in the console, you can move on to integrating your sensor.
The HUMAN Sensor is fetched by a JavaScript snippet that goes onto the website or application that you want to monitor. The Sensor is a necessary component of the HUMAN system that collects data on script & header activity and can block malicious script actions if configured by the customer to do so.
If you’re not sure which type to use, then we recommend asking your Solutions Engineer for the one best suited for your environment and product.
<head> tag, but if that’s not possible, then it should be inserted as high up in the HTML as possible.
__pxvid cookie as a necessary cookie in your cookie management solution if you use one. Note that the cookie uses two underscores (_).After a few hours, you can check the Code Defender Dashboard, which should have data coming in from the Sensor.
Enforcers are required for Account and Bot Defender, so if you already use one of these on your application, then you can simply add the first-party snippet to your <head> tag as described above.
However, if you only use Code Defender, then you need to complete additional steps to use the first-party snippet. Please contact us for more information or support.
To implement a first-party installation without an Enforcer, you must implement a reverse proxy through your backend. This passes the request for the Sensor resource through your backend to HUMAN’s CDN. The implementation details depend on your backend architecture and, in particular, whether the first endpoint your resource requests hit is a CDN, load balancer, etc.
For example, if you serve resources through a Fastly CDN, you can set it up to proxy the sensor resource request to the HUMAN CDN. Here is an example of how it can be done with a Fastly CDN.
After a few hours, you can check the Code Defender Dashboard, which should have data coming in from the Sensor.
The Code Defender Configuration phase is primarily completed by the HUMAN team. As part of this phase, the team will ensure your Sensor is properly sending data and that the data that appears is accurate with the Tuning process.
If you ever make a significant change to your HUMAN configuration, such as adding the sensor to run on new domains, we highly recommend contacting our team at contact-support@humansecurity.com. We’ll move your configuration back to the Configuration phase to make sure data continues to appear as expected.
If you’re not sure if a change warrants a new calibration, we encourage you to reach out to HUMAN Support.
During this process, your SE will ask you for a list of domains to monitor with Code Defender. This lets us to allowlist these domains so Code Defender can intake data from the proper places in your application. Other than whitelisting domains, the HUMAN team will map your application, group scripts, and create a baseline for behavior in the Code Defender dashboard.
If you use PCI DSS, the Pages Inventory will display pages PCI DSS discovers that are likely to be your checkout pages. Be sure to check these pages for accuracy so the HUMAN team can remove or add any pages as needed.
Once we complete the initial baseline, we’ll meet with your team to present our initial results and confirm that the data that’s shown meets your expectations. After that, you’ve completed your onboarding!