diff --git a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/emm-web-agent/jaggery.conf b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/emm-web-agent/jaggery.conf
index 6279943bdd..0c0285ee21 100644
--- a/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/emm-web-agent/jaggery.conf
+++ b/components/mobile-plugins/mobile-base-plugin/org.wso2.carbon.device.mgt.mobile.ui/src/main/resources/jaggeryapps/emm-web-agent/jaggery.conf
@@ -98,6 +98,11 @@
     {
       "name": "URLBasedCachePreventionFilter",
       "class": "org.wso2.carbon.ui.filters.cache.URLBasedCachePreventionFilter"
+    },
+    {
+      "name":"HttpHeaderSecurityFilter",
+      "class":"org.apache.catalina.filters.HttpHeaderSecurityFilter",
+      "params" : [{"name" : "hstsEnabled", "value" : "false"}]
     }
   ],
   "filterMappings": [
@@ -108,6 +113,36 @@
     {
       "name": "URLBasedCachePreventionFilter",
       "url": "/enrollment/*"
+    },
+    {
+      "name":"HttpHeaderSecurityFilter",
+      "url":"*"
+    }
+  ],
+  "listeners" : [
+    {
+      "class" : "org.owasp.csrfguard.CsrfGuardServletContextListener"
+    },
+    {
+      "class" : "org.owasp.csrfguard.CsrfGuardHttpSessionListener"
+    }
+  ],
+  "servlets" : [
+    {
+      "name" : "JavaScriptServlet",
+      "class" : "org.owasp.csrfguard.servlet.JavaScriptServlet"
+    }
+  ],
+  "servletMappings" : [
+    {
+      "name" : "JavaScriptServlet",
+      "url" : "/csrf.js"
+    }
+  ],
+  "contextParams" : [
+    {
+      "name" : "Owasp.CsrfGuard.Config",
+      "value" : "/repository/conf/security/Owasp.CsrfGuard.dashboard.properties"
     }
   ]
 }