# Protections

> Safeguard users with advanced phishing prevention and session protection

<Note>
  Repacket Protections help secure your organization with intelligent controls against phishing attacks and session hijacking attempts.
</Note>

## Overview

The Protections module provides advanced protection capabilities that you can layer on top of any traffic.

<CardGroup cols={2}>
  <Card title="Phishing Prevention" icon="fishing-rod" color="#07edb5" href="/modules/phishing-prevention">
    Detect and block sophisticated phishing attempts using AI and known-bad sites
  </Card>

  <Card title="Session Protection" icon="shield" color="#07edb5" href="/modules/session-protection">
    Prevent session hijacking by encrypting cookies for critical applications
  </Card>
</CardGroup>

## How It Works

The Protections module operates through a unified rule builder that allows administrators to apply specific protection types to defined traffic [categories](/config/categories) or applications.

<Frame>
  <img src="https://mintcdn.com/repacket/07SOttYFslgCGKhI/images/protections-rule.png?fit=max&auto=format&n=07SOttYFslgCGKhI&q=85&s=5ec6ca5d4d2135d7b5461cb72b4af6fa" alt="Protection rules builder interface showing spearphishing rule" width="1010" height="1294" data-path="images/protections-rule.png" />
</Frame>

### AI Phishing Scan

<Note>
  You should enable a "Block" rule for the "Phishing" category in your Firewall rules alongside this protection.
</Note>

Repacket can be configured to run an "AI Phishing Scan" on webpages, detecting and blocking previously unknown phishing websites, such as spearphishing pages.

We highly recommend applying this to the "Uncategorized" category.

You can read more about this feature on our [AI Phishing Scan documentation](/modules/phishing-prevention).

### Session Protection

Session Protection is a Repacket Protection that allows you to encrypt the session cookies within your browser.

This prevents malware or XSS attacks from stealing your session cookies for use on other devices: Repacket cookies can only be used on the device they were created on!

Repacket provides pre-configured session protection for popular services like Google, Okta, GitHub, and others.

This feature can also be used to block cookies, for instance, in the case of ad tracking cookies.

You can read more about this feature on our [Session Protection documentation](/modules/session-protection).
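
A conceptual sketch of device-bound cookie encryption, added here as an illustration; it is not Repacket's code, and this page does not describe the product's internals. It assumes a per-device AES-256-GCM key; `newDeviceKey`, `sealCookie`, `openCookie`, the sample host and the token are hypothetical names and constructed values.

```javascript
// Added illustration: conceptual sketch, not Repacket's implementation.
const crypto = require('node:crypto');

// Assumption: each device holds a random 256-bit key that never leaves it
// (for example in an OS keystore). Here it is simply generated in memory.
function newDeviceKey() {
  return crypto.randomBytes(32);
}

// Seal the real cookie value before the browser stores it. Host and cookie
// name are bound in as associated data so a sealed value cannot be moved
// to another cookie or site.
function sealCookie(deviceKey, host, name, value) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deviceKey, iv);
  cipher.setAAD(Buffer.from(`${host}\n${name}`));
  const ct = Buffer.concat([cipher.update(value, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64url');
}

// Recover the real value on the way back to the server. Returns null when
// the blob was sealed under a different device key or has been altered.
function openCookie(deviceKey, host, name, sealed) {
  const raw = Buffer.from(sealed, 'base64url');
  if (raw.length < 28) return null; // needs a 12-byte IV and a 16-byte tag
  const decipher = crypto.createDecipheriv('aes-256-gcm', deviceKey, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(`${host}\n${name}`));
  decipher.setAuthTag(raw.subarray(12, 28));
  try {
    return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
  } catch {
    return null; // authentication failed
  }
}

// Constructed sample data.
const laptop = newDeviceKey();
const otherDevice = newDeviceKey();
const stored = sealCookie(laptop, 'idp.example.com', 'sid', 'constructed-session-token');

console.log(openCookie(laptop, 'idp.example.com', 'sid', stored));      // original device
console.log(openCookie(otherDevice, 'idp.example.com', 'sid', stored)); // copied elsewhere
```

What sits in browser storage is only the sealed blob, so a copy taken by malware or script is useless without the key held on the originating device.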

## Creating Protection Rules

<Steps>
  <Step title="Navigate to Protections">
    Go to the [Protections section](https://app.repacket.com/gateway#protections) in your Repacket dashboard.
  </Step>

  <Step title="Create a new rule">
    Click the "Create new rule" button in the top right corner.
  </Step>

  <Step title="Select rule type">
    Choose either "Session Protection" or "Phishing Prevention" depending on your needs.
  </Step>

  <Step title="Configure matching criteria">
    For Session Protection: Select specific applications from the dropdown (Google, Atlassian, etc.)

    For Phishing Prevention: Choose [categories](/config/categories) or domains to apply the protection to
  </Step>

  <Step title="(Optional) Select specific users">
    Define which users or groups the rule should apply to or exclude.
  </Step>

  <Step title="Configure protection settings">
    For Session Protection: Choose which cookies to encrypt (all, HttpOnly, or custom patterns)

    For Phishing Prevention: Configure AI sensitivity and warning behavior
  </Step>

  <Step title="Save your rule">
    Apply your changes to enforce the new protection rule across your network.
  </Step>
</Steps>

## Best Practices

<AccordionGroup>
  <Accordion title="Prioritize Critical Applications">
    Begin by applying session protection to your identity providers (Okta, Google Workspace) and critical business applications.
  </Accordion>

  <Accordion title="Balance Security and Usability">
    For phishing prevention, consider using "Warn" mode instead of "Block" to reduce the disruption caused by false positives while still alerting users.
  </Accordion>

  <Accordion title="Test Custom Rules">
    When creating custom session protection rules, test thoroughly to ensure application functionality isn't affected.
  </Accordion>

  <Accordion title="Educate Users">
    Complement technical controls with user education about phishing warning messages and how to report false positives.
  </Accordion>
</AccordionGroup>

## Related Features

<CardGroup cols={2}>
  <Card title="Firewall" icon="filter" href="/modules/firewall">
    Control internet access with granular access rules
  </Card>

  <Card title="Bypass" icon="route" href="/modules/bypass">
    Exclude specific traffic from Repacket interception entirely
  </Card>

  <Card title="Just-in-Time Exceptions" icon="clock" href="/modules/jit-exceptions">
    Allow temporary access to blocked categories when needed
  </Card>

  <Card title="Phishing Prevention" icon="fishing-rod" href="/modules/phishing-prevention">
    Detect and block sophisticated phishing attempts using AI and known-bad sites
  </Card>

  <Card title="Session Protection" icon="shield" href="/modules/session-protection">
    Prevent session hijacking by encrypting cookies for critical applications
  </Card>
</CardGroup>
