---
title: Additional cookie security
description: Although the session cookie is the most important cookie to keep track of when securing AM, there are other points you must consider, such as:
component: pingam
version: 8.1
page_id: pingam:security:additional-cookie-considerations
canonical_url: https://docs.pingidentity.com/pingam/8.1/security/additional-cookie-considerations.html
keywords: ["Security", "Sessions"]
page_aliases: ["security-guide:additional-cookie-considerations.adoc"]
---

# Additional cookie security

Although the session cookie is the most important cookie to keep track of when securing AM, there are other points you must consider, such as:

* Which cookie are you using for sticky load balancing?

  By default, AM creates the `amlbcookie` cookie and sets it to the ID of the instance that first responded to a request. You should change the name of this cookie to something unique in your environment.

* Which other cookies, relevant for your environment, interact with AM or are sent to AM as part of a chain of requests?

The following table summarizes the tasks and information to review to manage cookie security that is not strictly related to the session cookie:

| Task                                                                                                                                                                               | Resources                                                                   |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
| **Enable support for `SameSite` rules**Configure AM to apply `SameSite` rules, such that you can declare that your cookies are restricted to a first-party or a same-site context. | [SameSite cookie rules](enable-samesite-cookies.html)                       |
| **Review the secure cookie filter**AM provides a filter that upgrades cookies to secure cookies if the conditions are met.                                                         | [Secure cookie filter](secure-cookie-filter.html)                           |
| **Change the name of the sticky load balancing cookie**Name the cookie something relevant and unique for your environment.                                                         | [Change the sticky load balancing cookie name](change-amlbcookie-name.html) |