Attack Analytics Insights
It provides necessary actions against the attacks that have targeted your sites and applications.
The system checks daily to detect vulnerabilities or misconfigurations in all the onboarded websites, and all identified insights are displayed. Once you have resolved the underlying issue, the insight is no longer displayed in your account.
Where to find in Cloud WAF?
This option is available under Attack Analytics.
Top vulnerabilities or misconfigurations that you may notice under the insights
- Misconfigured WAF settings
- Allowlist vulnerabilities
- Origin servers are exposed
- Unprotected API hosts
- Bad reputation IPs are not blocked
- Unreviewed 3rd party JavaScript services
What if Vulnerable activities are not happening?
If the underlying issue has already been resolved, then later it will disappeared from the AA.
What is Snooze an Insight?
If you use this option you can hide the insight for that duration.
What if the customer asks to lower the IP intelligence score on known IP addresses?
- It’s not possible to reduce the IP reputation manually. Scores only decrease over time when the IP stops triggering rules.
#AttackAnalytics
#CloudWAF(formerlyIncapsula)
------------------------------
Ankit Sharma
Cloud Security Engineer | Enterprise Services
Imperva
------------------------------