Navigate the Dashboard

How to use the Code Defender Dashboard

The Code Defender Dashboard provides an in-depth analysis of malicious traffic as code on your application. Data is displayed for the previous week. Data can be filtered per account Application, Host Domain, Page Type and Time Range.

19121912
ComponentsDescription
ApplicationsThe applications for the selected account. Select/de-select applications to refine the data displayed in the Dashboard.
By default, all applications are selected.
Host DomainsThe application's host domains. If you are running multiple scripts, by selecting/de-selecting different domains, you can splice the data and refine the data displayed in the Dashboard.
By default, all Domains are selected
Page TypesDisplys data relevant to specific Page Types (Login and Authentication, Checkout, Purchase, Product and Search) and allows users to analyze scripts and incidents relevant to that page type.
Time RangeSets the time period for which the data is displayed - Last 24 hours, Last 7 days, Last 14 days, Last 30 days.
By default, the time range is the Last 24 hours
User IconDisplays the initials and first name of the logged in user To logout of the portal, click on the User Icon, and click Logout
Knowledge BaseAccesses the PerimeterX documentation set
System InfoAn easy was to keep track of your integration
Account Logo/NameIdentifies the account the user is signed into, and allows users with access to multiple accounts to navigate between account
When a user has access to more than one account, this includes a drop-down of available accounts, with search capabilities
Search can be performed by AppID or account name.
The default account is the last account chosen by the user.

Dashboard Status

A summary of the account's scripts, including:

  • The number of scripts accessing your site
  • The scripts' origins
  • Destination domain
  • Source domain
17801780

Incidents

Code Defender constantly analyzes the client side scripts, their actions, and known baselines to highlight any malicious, suspicious or anomalous behavior, generating real-time incidents that require your attention.

This component shows the new incidents (from the past 24h) to address on your site per status.

When the source script of the incident is still under investigation, the initiator is displayed as An Unidentified Script

šŸ“˜

Note

The Incidents panel is filtered by default. Incidents with minimal users exposure are filtered out in order to reduce noise.

27862786

Incident details (users affected, pages affected, page types, host domain, and start date) are available by clicking on the specific incident.

You can search for incidents, including acknowledged and blocked incidents in the Incidents widget. The search function is a free text search. When a specific incident is expanded, the search function is disabled.

When an incident has more than one action associated with it, all actions are included within a list. The list is available by clicking See all.

629629

šŸ“˜

Note

% of Users in the Incident details is the % of users affected by that specific incident - % Users in the script is the % users affected by the script.

  • Clicking Recomendations displays the PerimeterX recommended action for the incident.

What incidents does Code Defender identify?

The PerimeterX Code Defender identifies the following incident types:

  • PII/PCI Sniffing
  • Known Malicious Domain
  • Suspicious Domains (CA, registrar, spoof, suffix etc.)
  • Crypto-Mining
  • Site/Script Baseline Deviation
  • Outdated Libraries

A complete list of Incidents is available here

Incidents Over Time

Shows the malicious incidents on your site/application/domain according to severity for the previous 7 days (regardless of the currently selected time range).

696696

Scripts

A detailed view of the scripts running on your site for the last 24 hours. Data presented includes the risk the script poses to your site, the script type, ID, and source. Also included in the Scripts table is the percentages of unique users and pages that have been affected by the script, as well as the external source communicating with the script. The data can be sorted according to some of the column headings.

Scripts Grouping Mechanism

For tracking, detecting and organizing purposes we group scripts that update daily or that have unique strings that constantly change as part of their name. These scripts are displayed in the Scripts breakdown with [UNIQUE_ID] replacing the interchangeable part.

For example: pagead/viewthroughconversion/[UNIQUE_ID]/

17111711

šŸ“˜

Note

The Scripts panel is filtered by default. Scripts with less than 0.5% of users are filtered out in order to reduce noise.

ColumnDescription
Risk LevelThe level of risk the script poses to the site (malicious, suspicious, legitimate, unknown)
Host DomainsThe scripts' host domains
Script SourceThe origin of the script
Script IDFull path, including the script name, used as the script ID
TypeFirst-Party or Third-Party
% UsersPercent of users being accessed by the script
% PagesPercent of pages on your site being accessed by the script
Age on SiteHow long the script has been observed on the site
Additional InformationAny additional information related to the script

The data presented in the Scripts component can be filtered by clicking

  • Select the filter parameters from the dropdown. By default all filter parameters are selected.

    The Scripts filter will not affect data in the other components of the Code Defender dashboard.

Did this page help you?