Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     

    Related Documentation

     

    Incidents

    The Incidents page contains any information on specific incidents that have been triggered, and offers additional information on all of the incidents that can be detected by WebApp Secure.

    Figure 1: Incidents Table

    Incidents Table

    Note: Incident tables include a column labeled Count which indicates the number of times a particular attacker performed a specific incident (in the case where the attacker actually triggered an incident multiple times in quick succession). However, if enough time has passed, the incident will be given a new row in the Incident table with separate counts.

    There are various data views you can navigate through through the tabs near the top of the page. You can also search within Incidents by using the search field in the upper right side of the page, under the Filter widget.

    • Most Common This tab displays a list of the most frequently triggered incidents in descending order. Count of triggered incidents of that type is displayed to the right of each item in the list, and a graphic depicting the complexity of that incident is visible to the left. Clicking on a particular incident in this list will bring you to a page with additional information on that incident. By default, WebApp Secure only displays malicious incidents (those that might be of direct interest to WebApp Secure users). If you want to show all incidents triggered, you can click on the Show all incidents link above the list.
    • Most Recent This tab displays a table of the most recent incidents triggered. The incident name is displayed along with the profile that triggered the incident, the complexity of that incident, the Count indicating the number of times that incident was triggered at one time (using the same data), the first and last times the profile activated that particular incident, and any actions available to the WebApp Secure user regarding that incident. You can navigate to other pages by using the tab above the table. Here you can jump to the next page, previous page, first page, and last page by using the corresponding buttons. You can also jump to a specific page or change the number of rows returned per page by clicking on the label between the navigation buttons. By default, only malicious incidents are displayed. To display all malicious and non-malicious incidents, click the Show all incidents link above the title. To keep this data fresh, the monitor will periodically refresh the page (if Auto-refresh is enabled in the User Preferences). To stop this from happening, click the alarm clock icon in the top right corner of the tab to stop refresh.
    • Browse by Complexity For informational purposes, this tab allows you to browse the list of detectable incidents, grouped by complexity. Clicking on an incident will bring you to an informational page that contains a description of that incident, and allows you to search for triggered incidents of that type.
    • Time Graph The Time Graph is a larger version of the same bar graph displayed on the Dashboard.
    • Severity Graph This graph is a larger version of the same pie graph displayed on the Dashboard.
     

    Related Documentation

     

    Published: 2014-06-27