WAF alerts

Learn how to view information about blocked WAF requests in SecureAccess® CLOUD, including IP address, user and technical data.

In the section Security >> Web Application Firewall (WAF)  you can see a list of all recent alerts triggered by the SecureAccess® WAF. Each of the alerts is a blocked request and the administrator can open the details page by clicking on the  button.

The details screen shows information about blocked request. Among other data you can find the source IP address, SecureAccess® CLOUD user that triggered the alert, which resource and technical data like the triggered SecureAccess® WAF rule and the request payload. 

Image 1: Web application firewall alerts list

On every alert the administrator can mark them as read or leave them as they are for a later review. 

Image 2: Web application firewall alert details