Help

Alert Security Status

The SenseDeep dashboard is your top-level security overview and it provides you with clear, actionable information. Rather than presenting a long list of potential security threats, the security status is separated into three distinct areas:

Attacks indicate if you have been attacked and compromised. Threats indicate where you are vulnerable and what you need to look out for. Background events show the background internet threat environment of probes and scans in which your site is operating.

Attack Status

Attack

Your Attack status indicates if you have been compromised or not. It is your have I been hacked indicator. The gauage is color coded and the current value is displayed below the graph. The possible values of your attack status are:

On the SenseDeep App dashboard, the attack status is mapped to a gauge value for display. The none value is displayed as 0%, targeted is displayed as 50% and compromised as 100%.

Threat Status

The Threats gauge indicates if you have vulnerabilities in your site. It shows if are you at risk of being hacked in the future. Like the attack status, the gauage is color coded and the current status and numeric value are displayed below the graph.

Attack

The threat status is a numeric value that indicates the extent of your site's vulnerabilities. When SenseDeep discovers configuration errors in your site, out-of-date software with known vulnerabilities, or other vulnerabilities, it increases the threat status.

SenseDeep performs a regular audit of your AWS site's configuration and utilizes event-based detectors to detect new vulnerabilities in real-time.

The Threat status is a numeric value between 0 and 100% with an associated word-based status. The following thresholds are to determine the status:

Interpreting Status

If your Attack Status is targeted, you should ensure that you have no important threats as indicated by your Threat status. If your Threat status is non-zero, you should do the following to address the underlying issues in response to your threat status:

Background Events

Background events are security related events that do not result in a compromise or immediate vulnerability. Examples are the scanning and probing of servers that is normal and constantly occuring on the modern internet.

Background events are tracked so you can see the full environment in which your cloud service is operating. It is normal that your servers will constantly be probed and scanned. Consequently, it is important to ensure that you have the lowest Threat score possible. A higher threat score indicates you have open vulnerabilities to this background "radiation" of security attacks.

Drill Down

You can click on the Attack, Threat and Background gauges and graphs to see more detailed information about the source of the attack or threat.

Dispatching Alerts

See Also

© SenseDeep® LLC. All rights reserved. Generated at 19:33:25 Jun 21, 2017. Privacy Policy and Terms of Use.