Formerly known as Shape Client-Side Defense, now F5 Distributed Cloud Client-Side Defense.  Learn more ›

F5 Distributed Cloud Client-Side Defense

Security monitoring and mitigation in the browser

Protect against Magecart, formjacking, skimming, PII harvesting, and other critical security vulnerabilities.

Guard Against the Latest Client-Side Security Threats

Distributed Cloud Client-Side Defense is a monitoring and mitigation solution to protect customer credentials, financial details, and PII against Magecart, Formjacking, and other client-side supply chain attacks.


With a firewall, a WAF, bot defenses, and a SIEM, you control and monitor web traffic entering the data center. Criminals have adapted their strategies to attack your customers in the browser. New web architectures involving dozens of third-party JavaScript files make this new attack surface even more vulnerable.

Financial loss

When attackers take over customer accounts, financial loss often comes with it. 

Customer fraud

The theft of personal data exposes your customers to increased fraud risk.

Compliance fines

When an attack occurs, you not only risk financial losses, but hefty compliance fines as well.

Why Distributed Cloud Client-Side Defense?

Protect customer privacy

Keep your customers’ personal and financial data out of the hands of criminals.

Maintain trust

Protect against data loss that would undermine customer confidence.

Close the security gap

Proactively monitor and protect customer safety.

Platform Overview

Proactively monitor web apps in the browser to catch criminals in the act

The Distributed Cloud Client-Side Defense JavaScript monitors your web pages for suspicious code, sending telemetry to the Distributed Cloud Client-Side Defense Analysis Service, which generates actionable alerts viewable in a dashboard with one-click mitigation. When you enable mitigation, the Client-Side Defense JavaScript will block network calls from the browser that attackers use to exfiltrate data.

client side defense diagram

JavaScript behavior monitoring

Gain real-time JavaScript monitoring to detect suspicious behavior. 

Insightful alerts

Receive alerts with actionable insights on attack impact.

Data exfiltration mitigation

Stop data exfiltration immediately with the click of a button.

Distributed Cloud Client-Side Defense Use Cases

Stop Magecart and Formjacking Attacks

Receive alerts when malicious JavaScript attempts to exfiltrate stolen data.

Prevent PII Harvesting

Protect against the stealing of credentials, financial data, and all forms of PII.

Avoid Session Hijacking

Prevent attackers from reading session identifiers and security tokens, which could be used to take over login sessions.

Protect Against Account Takeover (ATO)

Block account takeover attempts by preventing stolen credentials on the client side.


Sign up for a live demo to see firsthand how Distributed Cloud Client-Side Defense works.

Thank you for your interest in Distributed Cloud Client-Side Defense. An F5 representative will contact you to arrange a demo.


Introduction to F5 Distributed Cloud Client Side Defense


Introduction to F5 Distributed Cloud Client Side Defense

Watch the demo ›

F5 Labs State of Application Exploits


F5 Labs State of Application Exploits

Read the report ›

F5 Labs Application Protection Report


F5 Labs Application Protection Report

Read the report ›

The Magecart Mess


The Magecart Mess

Read the blog ›