Tämä käännös on koneen tuottama ja odottaa tarkistusta.Vaihda englanniksi
Tumma
HallintapaneeliOta yhteyttä

Browser Security

Definition. Browser Security is the enforcement layer. Where Browser Intelligence reads the page, Browser Security acts on what was read — client-side, under policy you control. It is the security half of the two-layer browser story.

The two layers are deliberately separate. Collection is always-on and read-only; enforcement is policy-driven and opt-in per surface. You never enforce something you can’t first see.

How Noxtica does it

Enforcement is expressed as directives delivered to the client:

  • Challenge — step a session up: add a second factor or extra verification. Real customers pass it; automation usually doesn’t.
  • Block — stop a session, with logging, reserved for the clearest cases.
  • Tarpit — slow an abusive client down rather than cleanly blocking it.

Two operator controls make this safe to roll out:

  • Per-domain policy — directives apply per domain, so each surface gets its own posture instead of one blunt global rule.
  • Shadow mode — run a policy in observe-only first. Noxtica records what would have happened without acting, so you can see the impact on real traffic before anything is enforced.

The risk-action engine

Enforcement is driven by the risk-action engine — operator-configurable policies that challenge, block, or tarpit based on:

  • Device risk — the score from Know Your Device.
  • Agent verdicts — the allow/deny outcome from Know Your Agent.
  • URL patterns — which routes the policy applies to.
  • IP reputation — network-level context.

Every action is visible in a risk-actions dashboard, and shadow mode lets you validate a policy before it acts. The policies are yours: operators tune policies and thresholds with full control. Nothing enforces on your behalf without a policy you wrote.

Where it fits

Browser Security is the Security pillar. The risk-action engine is the defensible, shipped meaning of “agentic security” — software that polices the agentic web under operator-set policy. See Agentic Security for how it ties to KYA, MCP, and the assistant.

Read deeper