Optimizing Account Defender Detection

Sensitive Paths

HUMAN Account Defender makes use of sensitive paths. A sensitive path is a path that:

• Your organization wants to protect from fraudulent activities or abuse by competitors (for example, checking a shopping cart, withdrawing funds, executing a transaction, sending an internal message, etc.)
• Can be used to cause damage to other assets or abused by attackers (for example, disabling notifications, changing email address, changing shipping address, disabling MFA, etc)

During the onboarding, the HUMAN team maps out your web-site for sensitive paths using observation and threat intelligence. If you know of any such paths, please give us these details:

• Path URL/regex (for example, users/.*/edit_billing)
• Name to be displayed in Account Defender screens and reports

Past Fraud Cases

If your organization has been a target to fraud attempts in the past, we encourage you to provide us with information about such cases, including:

• Web logs
• IP addresses
• Account IDs
• Attack patterns

This will help us fine-tune Account Defender to better address your organization's needs.