The Cequence Unified API Protection (UAP) platform 8.4 release introduces comprehensive enhancements to dynamic fingerprint capabilities, advanced mitigation options, and significant infrastructure improvements. This release strengthens the platform's ability to detect and respond to sophisticated API threats while improving operational reliability and user experience across all deployment scenarios.

Dynamic fingerprinting receives substantial expansion in this release, including out-of-box default algorithms, Lua script validation, and full integration across policy creation, dataset management, and mitigation workflows. The algorithms now support SHA-256 hashing for backward compatibility with legacy Defenders while improving precision through updated query parameter, cookie, and header extraction methods. Users benefit from intuitive UI redesigns and detailed algorithm breakdown on hover, enabling faster configuration and troubleshooting.

Mitigation capabilities are extended with challenge action type support across policy editors and dashboard analytics, alongside HTML response template support for block and rate limit actions. Policy configuration workflows now enforce stricter validation for dynamic fingerprint usage, preventing common configuration errors. Enhanced cache metrics and performance improvements ensure rapid policy distribution and consistent behavior across all API versions.

Authenticity challenge policies

Version 8.4.1 further extends these capabilities with Authenticity Challenge policies (WebAuthn human verification), a biometric authentication feature that enables legitimate users who are incorrectly flagged as bots to quickly prove their humanity using fingerprint or facial recognition, eliminating CAPTCHA frustration while maintaining strong security.

Minimum required Defender version

Many of the new features introduced in the 8.4 release of the Cequence UAP platform require Defender release 6.0 or later.

Fixed issues

The following issues are resolved across the 8.4 release.

CEQASP-10710 Mitigated stats now display records for dynamic fingerprint.

CEQASP-10704 Resolved an issue where the edit template overlapped the HTML editor until the user clicked outside it.

CEQASP-10703 Configuration import preserves WAF policy placement in the correct tab.

CEQASP-10696 Removed SDE buttons from the Field Names modal.

CEQASP-10673 Dynamic fingerprint page displays proper placeholder for unused algorithms.

CEQASP-10665 App tags attach correctly to published endpoints.

CEQASP-10637 Data-plane incompatibility messaging improved for dynamic fingerprint features.

CEQASP-10608 Dynamic fingerprint field and value now appear in transaction details.

CEQASP-10550 Challenge action type integrated into policy editor and dashboard charts.

CEQASP-10527 Policy editor displays correct action type and action field values.

CEQASP-10526 Distribution service API responses are consistent across all versions.

CEQASP-10519 Dynamic fingerprint exports correctly from global mitigation data.

CEQASP-10517 Mitigator API validates versions between v1 and v6.

CEQASP-10516 Default dynamic fingerprint algorithms updated for enhanced precision.

CEQASP-10514 Resolved Kafka Connect S3 Sink failures caused by an AWS SDK v1/v2 credentials provider mismatch.

CEQASP-10501 Policy editor preserves response reason text when toggling error message options.

CEQASP-10479 Lua script maximum length is configurable via environment variables.

CEQASP-10472 Added SHA-256 hashing support for backward compatibility with legacy Defenders.

CEQASP-10463 Dynamic fingerprint user interface redesigned for improved usability.

CEQASP-10424 Fingerprint algorithm details are available on hover in the pivot details view.

CEQASP-10418 Pivot and unique counter variables support display aliases for clarity.

CEQASP-10401 Mitigation criteria field switching is no longer blocked after regex selection.

CEQASP-10400 Added support for HTML response templates for block and rate limit actions.

CEQASP-10399 Cache hit and miss metrics are now tracked for dynamic fingerprint data.

CEQASP-10398 Dynamic fingerprint data is now visible in list view on pivot details.

CEQASP-10390 Dynamic fingerprint API response uses algorithmId for clarity.

CEQASP-10386 Integration executor unit tests implemented.

CEQASP-10382 Resolved a white screen condition that occurred when filtering by app tag in the detection dashboard.

CEQASP-10381 Distribution service unit tests implemented.

CEQASP-10380 Query parameters Lua script label corrected.

CEQASP-10379 BFF unit tests implemented.

CEQASP-10375 Cookie security flags and vulnerability exposure addressed.

CEQASP-10372 Component configuration API returns detailed validation errors for invalid input.

CEQASP-10354 Audit logging enabled for dynamic fingerprint operations.

CEQASP-10347 Dynamic fingerprint algorithm uniqueness validation enforced by expression hash.

CEQASP-10345 Resolved an issue that prevented the policy engine from starting.

CEQASP-10340 Skipped tests re-enabled following rules bundle merge.

CEQASP-10335 Dynamic fingerprint filter option added to the mitigation policies page.

CEQASP-10332 Policy data store deduplication support implemented for dynamic fingerprint.

CEQASP-10331 V1 and V2 datastore correctly routes dynamic fingerprints to the appropriate dataset.

CEQASP-10321 Dynamic fingerprint Lua script validation is available in the user interface.

CEQASP-10320 Backend API provides Lua script validation without persistence.

CEQASP-10318 Mitigation criteria updated to support dynamic fingerprint field requirements.

CEQASP-10303 Distribution service API supports v6/mitigator/data with IP, fingerprint, and dynamic fingerprint caching.

CEQASP-10296 Dynamic fingerprint page displays a Defender version compatibility notification.

CEQASP-10294 Clear mitigation cache extended with dynamic fingerprint bulk and granular options.

CEQASP-10293 Dataset transmission to policy workflows enhanced for dynamic fingerprint.

CEQASP-10277 Mitigator cache metrics augmented with dynamic fingerprint hits and misses.

CEQASP-10275 Mitigator configuration generation error handling and retry mechanisms improved.

CEQASP-10252 Dynamic fingerprint pivot keys are properly filtered to show active fingerprint algorithms only.

CEQASP-10244 Dataset replace operation and append performance improved for all data types.

CEQASP-10242 Out-of-box default dynamic fingerprinting algorithms created.

CEQASP-10139 Removed redundant code.

CEQASP-9848 Updated informational messages throughout the UI for accuracy and clarity.

CEQASP-9701 Added UI support for dynamic fingerprint and signature CRUD operations.

CEQASP-9471 Optimized policy data store storage usage.

CEQASP-8889 Enhanced the detection page to display additional action fields for dynamic fingerprints.

CEQASP-7517 Resolved an issue where the bot analyzer masked credit card-like patterns prematurely.

Upgrade guides

8.2.x to 8.3.x upgrade and rollback

8.3.x to 8.4.x upgrade and rollback