Skip to main content
Version: 1.0.x.x LTS

Action plug-ins

While the Risk plug-ins serve as adapter for a particular detection technology, the Action plug-ins provide mitigating actions in case of malicious HTTP requests. In nevisDetect, two Action plug-ins provide mitigating actions within the Nevis Security Suite.

The NevisProxyActionPlugin provides the following actions concerning the HTTP request processing of nevisProxy:

  • PASSTHTROUGH: nevisProxy forwards the request to the application. By adding some special HTTP headers to the request, the application is informed and can react accordingly.
  • AUTHENTICATE: nevisProxy terminates the authenticated session. The user has to log in and authenticate again.
  • BLOCK: nevisProxy blocks the request of the user.

With the NevisAuthActionPlugin, the login process of nevisAuth can be influenced:

  • STEPUP: nevisAuth executes an additional AuthState, depending on the configuration of nevisAuth. Consider the following example: The user is authenticating with a password. If nevisAuth receives the action STEPUP, it will execute an additional Challenge/Response AuthState, thus making the login of the user more secure.
  • DENY: nevisAuth denies the login attempt of the user.

Custom Action plug-ins

By the Action plug-in concept within nevisDetect, it is possible to integrate any third party system with nevisDetect. This is done by implementing the Action plug-in interface of nevisDetect.