Imperva Cyber Community

Hello,

has anyone of you experience with the snippet injection policy? What is the intention of this sort of policy?
The online help shows following: Snippet Injection policies are used in conjunction with Fraud Prevention Services (FPS) that are configured in ThreatRadar. As a result, these policies require enabling of cookies and JavaScript on the client browsers. To block or alert, you need to additionally create a Web Custom policy and configure it with the Fraud Prevention Results criteria. Snippet Injection policies are not applied to Server Groups in Simulation mode.
I also can find not really much about Fraud Prevention Services - or is CAPTCHA services or ThreatRadar meant?

Thanks in advance
#CloudWAF(formerlyIncapsula)
#On-PremisesWAF(formerlySecuresphere)

Hi Haupt,

Did you get any insight into your query?

I wanted to call out 2 great resources regarding Imperva's Fraud Prevention products. Check out the webinar recordings below. If you still have questions, feel free to add under the recordings, or comment further here.

Webinar Recording - ATO and ABP New Features and Roadmap for Online Fraud Prevention

OFP Online Fraud Protection - How Imperva has your back *Webinar Recording*

Thanks for posting,
Sarah

------------------------------
Sarah Lamont
Digital Community Manager
------------------------------

Original Message:
Sent: 10-28-2022 07:50
From: Haupt Cont
Subject: Sense of Snippet Injection Policy

Hello,

has anyone of you experience with the snippet injection policy? What is the intention of this sort of policy?
The online help shows following: Snippet Injection policies are used in conjunction with Fraud Prevention Services (FPS) that are configured in ThreatRadar. As a result, these policies require enabling of cookies and JavaScript on the client browsers. To block or alert, you need to additionally create a Web Custom policy and configure it with the Fraud Prevention Results criteria. Snippet Injection policies are not applied to Server Groups in Simulation mode.
I also can find not really much about Fraud Prevention Services - or is CAPTCHA services or ThreatRadar meant?

Thanks in advance
#CloudWAF(formerlyIncapsula)
#On-PremisesWAF(formerlySecuresphere)

HI Haupt,

The snippet injection policy is used to profile and fingerprint clients. 

A snippet of javascript is injected into the response. The client must process this script and return proof of a work. (a token)

There are many parameters, or unique values that can be derived from JS. To see an example of some of the information that can be collected from a client via JS, please visit: https://amiunique.org/ and click "view my browser fingerprint". 

Imperva CloudWAF injects this JS into the response automatically, where as it must be configured manually with WAF GW. (securesphere)


------------------------------
JairedAnderson
Imperva
------------------------------

Original Message:
Sent: 10-28-2022 07:50
From: Haupt Cont
Subject: Sense of Snippet Injection Policy

Hello,

has anyone of you experience with the snippet injection policy? What is the intention of this sort of policy?
The online help shows following: Snippet Injection policies are used in conjunction with Fraud Prevention Services (FPS) that are configured in ThreatRadar. As a result, these policies require enabling of cookies and JavaScript on the client browsers. To block or alert, you need to additionally create a Web Custom policy and configure it with the Fraud Prevention Results criteria. Snippet Injection policies are not applied to Server Groups in Simulation mode.
I also can find not really much about Fraud Prevention Services - or is CAPTCHA services or ThreatRadar meant?

Thanks in advance
#CloudWAF(formerlyIncapsula)
#On-PremisesWAF(formerlySecuresphere)