Unveiling the All-New AppTrana WAAP Dashboard
July 23, 2024
Discover the power of our new WAAP dashboard, designed to effortlessly monitor, analyze, and enhance your security posture—all in real time.
The dashboard provides enhanced visibility and actionable insights to secure assets, prioritize remediation, and address critical exposures.
Instantly find answers to questions such as: What is my application’s protection status? What common attacks does the WAAP protect against? Which countries are the top sources of blocked traffic? How does this month’s traffic compare to last month’s? and more.
Let us take a tour of our new dashboard:
Highlights
The dashboard presents your current security status and posture through clear graphical visualizations.
The Highlight section contains widgets that display key metrics such as protection score, attack trends, blocked requests, unpatched vulnerabilities, actions performed on WAF, and pending task suggestions. All of these can be delved into further for detailed analysis.
Protection Status
In completely transparent terms, this section gives CISOs complete visibility on protected, partially protected and unprotected assets.
This is very unique to AppTrana that bundles both risk detection and risk protection in one platform.
This overview helps CISOs and security leaders identify where your efforts are most needed.
Below the score, you can see if the protection trend is improving or declining within the selected time range.
For a more detailed view, the dashboard lists each application by name, along with its protection level, issue severity, and actions required to improve the protection score.
Prioritize and fix high-risk applications first.
Depending on the action item, the dashboard will let you know if you have to fix this on your own or if you could rely on the managed services team.
The recommended actions include but are not limited to patching vulnerabilities, enabling origin server protection, enabling bot protection, and so on. Acting on these prioritized recommendations brings the protection score up.
Attack Trends
Track overall blocked attack numbers and compare them across weeks or months to monitor threat levels.
If you notice a significant spike in attacks this week compared to the last, this alerts potential new threats targeting your application.
Clicking on the graph takes you to a more granular view of the blocked traffic, categorized by core rules, custom rules, DDoS policies, bot policies, GEO and IP custom rules, and more.
If you see a surge in DDoS attacks. By clicking through, you find that most of these are blocked by your DDoS policies. This confirms the effectiveness of your current DDoS protection setup.
Identify top applications to pinpoint major threat sources. Explore the top 5 targeted apps for insight into attacked application areas. View top apps for core, GEO, and IP custom rule applications to optimize rule effectiveness.
Finally, you can find the top 5 countries from which the attacks originated. This global perspective helps you understand broader attack patterns and adapt your defences to emerging threats.
For example, an increase in attacks from a new country could be mitigated through behavioural bot policies and in case you don’t operate in that geography, geo-fencing could also be used.
Vulnerabilities
Gain critical insights into application security gaps with details on partially patched vulnerabilities and those needing immediate attention.
This overview gives you a clear picture of your open vulnerabilities. By leveraging virtual patching, you could quickly prioritize patching those that need fix in code.
.
A detailed view presents the severity levels of vulnerabilities—critical, high, and medium—through visual representation. This breakdown helps prioritize actions based on the severity of each issue.
The dashboard identifies the top 5 applications with unpatched vulnerabilities and those successfully patched by core and custom rules. These applications are categorized based on vulnerability types for a comprehensive understanding.
Identify top applications with vulnerabilities and apply autonomous patches using SwyftComply for immediate risk mitigation.
Bandwidth
The next Bandwidth section provides insights into application data usage and distribution.
Analyze total data served, including CDN-served data, to optimize content delivery strategies.
Bandwidth usage breakdowns by license name help manage resource allocation efficiently. Identify top bandwidth-consuming applications and assess CDN effectiveness in offloading data delivery tasks.
For example, if you discover that “App A” consistently tops the list in bandwidth usage. This prompts you to review its content delivery strategies to ensure optimal performance and cost efficiency.
Additionally, you can view the top 5 applications where the CDN serves data. This analysis allows you to assess the efficiency of your CDN deployment.
Action Center
A hub for prioritizing and managing pending security actions.
The Action Center lists tasks based on severity and application needs. Filter actions by action type—such as enabling bot protection, requesting custom rules, or starting a scan—to streamline your security operations.
The dashboard lets you view actions specific to each application, ensuring tailored security measures based on individual needs and vulnerabilities. Actions are also categorized by severity, ranging from critical to medium, providing a clear roadmap to address high-priority security concerns swiftly.
Explore the actions to pinpoint the most critical assets and implement guided remediation steps. This approach offers a high ROI with minimal cost and maximum impact on your security posture.
Stay tuned for more relevant and interesting security articles. Follow Indusface on Facebook, Twitter, and LinkedIn.
