Alerts, Incidents and Website Vulnerabilities
Alerts
The alert shows the total rule hit count of events within the last 90 days. The 'Alerts' tab provides details such as the top 10 recent alerts and the top 10 critical alerts. The interface displays a list of alerts along with details such as customer network, alert messages, categories, objects, and the required action taken by the administrator.
- To filter the alerts by date, customer, alert, category, severity, and object, use the arrow on the right side.
- Click 'Top 10 Recent Alerts' to view the most recent alerts, and use the 'Top 10 Critical Alerts' tab to view the critical alerts.
The example below shows all alerts from all customer networks.
Alert List

| Column Header | Description |
| --- | --- |
| Date | Displays the precise date and time at which the alert was detected or added. |
| Customer | Indicates the customer on whose network the alert was detected. |
| Alert | Displays the type of the alert or where it was detected. |
| Category | Shows the category under which the alert is classified. |
| Severity | Shows the priority level of the alert. The options available are 'High' and 'Low'. |
| Object | Displays the object where the alert was detected. |
| Subject | Displays a short description and the action that needs to be taken for the alert, based on the severity of the alert. |
Incidents
The incident shows the total true incidents that occurred within the last 90 days. The incident count is the total alert count minus false positives. The 'Incidents' tab provides details such as the incident list, the top 10 recent incidents and the top 10 critical incidents. The 'Incident' interface displays a list of alerts along with details such as customer network, alert messages, categories, objects and the required action taken by the administrator.
- To filter the incidents by date, customer, incident, category, severity and object, use the arrow on the right side.
- Click 'Top 10 Recent Incidents' to view the most recent incidents, and use the 'Top 10 Critical Incidents' tab to view the critical incidents.
The example below shows all incidents from all customer networks.
Incident List

| Column Header | Description |
| --- | --- |
| Date | Displays the precise date and time at which the incident was detected or added. |
| Customer | Indicates the customer on whose network the incident was detected. |
| Incident | Displays the type of the incident or where it was detected. |
| Category | Shows the category under which the incident is classified. |
| Severity | Shows the priority level of the incident. The options available are 'High' and 'Low'. |
| Object | Displays the object where the incident was detected. |
| Subject | Displays a short description and the action that needs to be taken for the incident, based on the severity of the incident. |
Website Vulnerabilities
With web vulnerability assessments, you can automatically determine deficiencies by crawling the website in order to discover potential vulnerabilities within a specific time period. The interface displays a list of web vulnerabilities of the SOCaaP customers.
- To filter by customer, domain name, vulnerabilities, and total count, use the arrow on the right side.
The example below shows all website vulnerabilities from all customer networks.
Website Vulnerabilities

| Column Header | Description |
| --- | --- |
| Customer | Indicates the customer on whose network the vulnerabilities were detected. |
| Domain Name | Domain name of the enrolled customer. |
| Vulnerabilities | Indicates the status count of vulnerabilities as low, medium. |
| Total Count | Shows the list of total detected vulnerabilities of a customer. |