• Ensure you have admin user privileges.

To enable or disable attacks:

  1. Click Settings > Enable/Disable Attacks.
    A screen capture of the PingIntelligence Enable/Disable Attacks page.

    The PingOne API Intelligence Dashboard interacts with the AI engine when you enable or disable an IoA. If you disable an attack while the AI engine is processing data, it might continue reporting IoAs for a few minutes. The IoA type would be disabled when the next batch of data is processed. When you enable an IoA from the disabled state, the AI engine takes a few minutes to report new IoA events. For more information, see Enabling or disabling attack IDs.

  2. Click the toggle to enable or disable an IoA type. The toggle button will not be present if an IoA cannot be disabled. For example, the following IoA IDs cannot be disabled because they are real-time events reported by ASE:
    • Attack ID 13: API DDoS Attack Type 2
    • Attack ID 100: Decoy Attack. This IoA ID must be disabled on ASE.
    • Attack ID 101: Invalid API Activity. This IoA ID must be disabled on ASE.
  3. Click the Expand icon for details, such as the time the IoA was enabled or disabled.
    A screen capture of an IoA with attack details expanded.
    1. You will always be prompted with a confirmation notification before enabling or disabling an IoA. For example, when you try to disable an IoA, you will be prompted with the following notification. Click Submit to confirm.

      You should see a success notification when an IoA type is enabled or disabled.

      A screen capture of the Disable Attack notification stating "AI Engine will not detect this attack for future traffic. Are you sure?" with Submit and Cancel options.
  4. Sort the attack types based on Attack Id or Is Enabled status.

  5. Search based on Attack Name or Attack Id within enabled or disabled attacks.
    A screen capture of the PingOne API Intelligence Enable/Disable Attacks Search attacks box with search filters.