IoAs (Indicators of Attack)
The IoAs (Indicators of Attack) dashboard lists the detected IoAs for a client row in the Attack list table of the Attack Management dashboard. The IoAs dashboard provides some high-level details, and functionality for further drill downs, inspection and analysis of the client’s activities during the reported period.
Go to Attack management.
Click on a client row in the Attack list table, to navigate to the client’s IoAs dashboard, for further drill downs, inspection and analysis of the client’s activities during the reported period. The IoAs dashboard lists detected IoAs.
Column | Description |
---|---|
Type |
Type of IoA. |
Time |
Starting and ending date and time of the abnormal activity. |
API |
The name of the impacted API. |
Reason |
The rationale behind generating the IoA. |
Remediation |
Suggestions for handling the reported IoA. |
Three-dot drop down |
Click View transactions to navigate to the Transactions page, for details on each transaction that generated the IoA on the API. |
Actions and drill downs
Actions
On the right side of the row in the main Attack management list, or at the top right of the IoAs dashboard, click the three-dots drop down to choose an action option:
-
Client activity: Navigate to the Client activity dashboard, for further inspection and analysis of the client’s activities during the reported period.
-
Tune IoA detection: Select this option to update models to not flag this behavior in the future.
-
Remove from blocklist: Select this option to update models to remove this entry from the blocklist.
Drill down
Viewing transactions: To view the list of transactions that generated the IoA, click the three-dot drop down on the right of the IoA row, and then click Viewing transactions. The Viewing transactions dashboard provides functionality for further drill downs, inspection and analysis of the client’s activities during the reported period.
Click X in the top right to return to the previous dashboard.