HUMAN Security Q1 2025 Product Updates

At HUMAN Security, we’re focused on staying ahead of evolving threats by delivering solutions that protect every critical layer of the digital experience. From bot defense and account protection to ad fraud and client-side security, we continue to innovate so our customers can navigate current and future threats with confidence.

In this update, we’re highlighting the latest advancements across the Human Defense Platform, including enhanced policy tools, expanded threat intelligence, new advertising protections, and streamlined deployment capabilities. Whether you’re using one HUMAN solution or the full platform, these updates are designed to help you move faster, stay safer, and maintain trust in an increasingly complex digital world.

If you’d like to learn more about any of these features, please contact your account representative or fill out this form to connect with us.

Account Defender

Advanced Policy Simulation and Comparison
Understand the impact of your policies before they go live. Customers can create a new policy or modify an existing policy, and then see how many accounts would have been flagged for review and what mitigation actions would have been triggered had this policy been active previously. This allows your teams to:

• Create and test new policies: See how a brand-new policy would have worked.
• Modify existing policies: See how changes to current policies would have affected  their flagged accounts and mitigation actions.
• See the impact: Compare the results of their changes to their existing policies.
• Understand more: Get a detailed look at how their policies affect single and network policies, and different types of attacks like ATO and fake account creation.
• Get fast results: See results in under two minutes, even with a week’s worth of data

New Built-In Mitigation Action: “Alert User” Passive Email Notification
A new built-in mitigation action, “Alert User” by email (passive), is now available in policy rules. This passive email mitigation action is a proactive security measure designed to inform end users about suspicious or potentially fraudulent activity detected on their accounts and provide important context about the activity, without requiring immediate action from the end user. This helps users stay informed while minimizing friction. Please speak to your account manager for more information.

Bot Defender

HUMAN Sightline
HUMAN Sightline is a new set of capabilities in Bot Defender that provides AI-driven insights to detect and track specific attackers. The solution isolates your automated traffic into distinct attack profiles so you can uncover in granular detail what each individual attacker is doing on your application. Analysts can see key details for each profile, including its top routes, ASNs, IPs, regions, actions it took, and reasons it was flagged as a bot. Check out the blog post and technical documentation to learn more.

Updated Policy Engine
We have launched an updated policy screen, which includes advanced conditions and an easy-to-use drag and drop functionality. This update streamlines page usability and introduces the concept of “abusable rules” to inform customers if they create a rule that could potentially be abused by threat actors. It includes:

• Custom Rule Creation:  Define and manage rules using more advanced and flexible logic structures.
• Expanded Field Options: Leverage new fields and operators for more precise targeting.
• Traffic History Insights: Access detailed traffic history for custom rules from the past seven days.
• Rule Auditing: Track and review changes to rule configurations with full audit logs.

Code Defender

Achieving PCI DSS Compliance
Code Defender and the Enterprise sensor (shared with Bot Defender and Account Defender) have successfully passed a PCI DSS 4 audit conducted by an external Qualified Security Assessor (QSAC). The Attestation of Compliance (AoC) and Code Defender’s Shared Responsibility Matrix are available upon request.

Script Archive
Customers can now archive inactive scripts, which enables them to keep their PCI DSS script inventory clean. Should an archived script become active again, Code Defender will automatically bring it back into the PCI DSS Dashboard, along with all of its history. Customers can also browse the archive and manually “revive” scripts if desired.

Policy Rule Templates
When creating policy rules for scripts, Code Defender customers can choose the desired action upfront (block, allow, or authorize). Then they are given a customizable template that helps them create the intended rule and conditions. Read the technical documentation here.

Code Defender & Mitigation On/Off Switch
We’ve introduced new self-service capabilities to give customers more control, flexibility, and confidence to deploy blocking rules:

• Self-Disable Code Defender Sensor Injection: Customers can now turn off Code Defender sensor injection on their own.
• Self-Disable Code Defender Blocking: Customers can also disable all Code Defender blocking on their own.

Google Cloud Storage Integration
Customers are now able to configure Code Defender to send alerts and notifications to a Google Cloud Storage (GCS) bucket.

Platform

Deploy Tool
The Deploy Tool allows for seamless automatic enforcer installation in the customer’s environment. It supports Fastly, Cloudflare, and Akamai.

Sign On Methods Screen
Customers now have expanded sign on options, allowing them to have more flexibility and control.

Advertising Protection

Solutions: Ad Fraud Sensor, Ad Fraud Defense

Enhanced Supply Transparency for Smarter Inventory Decisions
Supply chain intelligence capabilities are now available to all MediaGuard users. These new features enhance our Invalid Traffic (IVT) protection, creating a unified solution to protect, analyze, and optimize inventory across the digital advertising ecosystem. The initial release includes a compliance dashboard for automated standards monitoring and MFA insights for objective quality signal analysis. These tools enable clients to identify compliance gaps, detect questionable inventory, and make data-driven optimization decisions. This release marks the first phase of our expanded supply chain visibility roadmap, with additional intelligence features planned to further strengthen transparency and control for our clients.

Solutions: Malvertising & Ad Quality

User Ad Report Button for Ad Quality for Publishers
Recently added, the User Ad Report Button provides an intuitive overlay for visitors to report problematic ads directly where they appear. This streamlined system replaces the current process of collecting fragmented feedback through social media and emails. Users are guided through structured reporting options, with results automatically aggregated in a centralized dashboard. Publishers can quickly identify problematic ads, recognize complaint patterns, and improve advertiser communications—enhancing both user experience and operational efficiency.

New Malvertising Threat Intelligence
Released several new threat classes that further protect customers from emerging and reemerging malvertising threats. These include: 

• TI-59: Cloaked Parked Lander: A scam ad that leads to a GEO-cloaked page with a fingerprint. If the fingerprint does not match, users are redirected to a domain parking page. Users that match are redirected to different malicious pages depending on GEO and/or other attributes.
• TI-60: Loyalty Rewards Scam: A scam ad leads to a fake loyalty program page of a well-known brand that offers a free gift in exchange for personal data and shipping prepayment.
• TI-61: Consumer Product Scam: A scam ad leads to a page that offers a product with dubious, vague, suspicious claims. The landing page typically gains credibility through fake reviews or celebrity endorsements, and has broken or limited functionality.

IAB Category Blocking Support for Ad Quality for Publishers
To further expand our ad quality protections, we have added support for IAB category blocking to our existing suite of filters within Ad Quality Defense for Publishers solution. At present, this feature supports Content Taxonomy 2.2 and prior.