Navigate the Dashboard
How to use the Code Defender Dashboard
The Code Defender Dashboard provides an in-depth analysis of malicious traffic as code on your application. Data is displayed for the previous week. Data can be filtered per account Application, Host Domain, Page Type and Time Range.
| Components | Description |
|---|---|
| Applications | The applications for the selected account. Select/de-select applications to refine the data displayed in the Dashboard. By default, all applications are selected. |
| Host Domains | The application's host domains. If you are running multiple scripts, by selecting/de-selecting different domains, you can splice the data and refine the data displayed in the Dashboard. By default, all Domains are selected |
| Page Types | Displys data relevant to specific Page Types (Login and Authentication, Checkout, Purchase, Product and Search) and allows users to analyze scripts and incidents relevant to that page type. |
| Time Range | Sets the time period for which the data is displayed - Last 24 hours, Last 7 days, Last 14 days, Last 30 days. By default, the time range is the Last 24 hours |
| User Icon | Displays the initials and first name of the logged in user To logout of the portal, click on the User Icon, and click Logout |
| Knowledge Base | Accesses the PerimeterX documentation set |
| System Info | An easy was to keep track of your integration |
| Account Logo/Name | Identifies the account the user is signed into, and allows users with access to multiple accounts to navigate between account When a user has access to more than one account, this includes a drop-down of available accounts, with search capabilities Search can be performed by AppID or account name. The default account is the last account chosen by the user. |
Dashboard Status
A summary of the account's scripts, including:
- The number of scripts accessing your site
- The scripts' origins
- Destination domain
- Source domain
Incidents
Code Defender constantly analyzes the client side scripts, their actions, and known baselines to highlight any malicious, suspicious or anomalous behavior, generating real-time incidents that require your attention.
This component shows the new incidents (from the past 24h) to address on your site per status.
When the source script of the incident is still under investigation, the initiator is displayed as An Unidentified Script
Note
The Incidents panel is filtered by default. Incidents with minimal users exposure are filtered out in order to reduce noise.
Incident details (users affected, pages affected, page types, host domain, and start date) are available by clicking on the specific incident.
You can search for incidents, including acknowledged and blocked incidents in the Incidents widget. The search function is a free text search. When a specific incident is expanded, the search function is disabled.
When an incident has more than one action associated with it, all actions are included within a list. The list is available by clicking See all.
Note
% of Users in the Incident details is the % of users affected by that specific incident - % Users in the script is the % users affected by the script.
- Clicking Recomendations displays the PerimeterX recommended action for the incident.
What incidents does Code Defender identify?
The PerimeterX Code Defender identifies the following incident types:
- PII/PCI Sniffing
- Known Malicious Domain
- Suspicious Domains (CA, registrar, spoof, suffix etc.)
- Crypto-Mining
- Site/Script Baseline Deviation
- Outdated Libraries
A complete list of Incidents is available here
Incidents Over Time
Shows the malicious incidents on your site/application/domain according to severity for the previous 7 days (regardless of the currently selected time range).
Scripts
A detailed view of the scripts running on your site for the last 24 hours. Data presented includes the risk the script poses to your site, the script type, ID, and source. Also included in the Scripts table is the percentages of unique users and pages that have been affected by the script, as well as the external source communicating with the script. The data can be sorted according to some of the column headings.
Scripts Grouping Mechanism
For tracking, detecting and organizing purposes we group scripts that update daily or that have unique strings that constantly change as part of their name. These scripts are displayed in the Scripts breakdown with [UNIQUE_ID] replacing the interchangeable part.
For example: pagead/viewthroughconversion/[UNIQUE_ID]/
Note
The Scripts panel is filtered by default. Scripts with less than 0.5% of users are filtered out in order to reduce noise.
| Column | Description |
|---|---|
| Risk Level | The level of risk the script poses to the site (malicious, suspicious, legitimate, unknown) |
| Host Domains | The scripts' host domains |
| Script Source | The origin of the script |
| Script ID | Full path, including the script name, used as the script ID |
| Type | First-Party or Third-Party |
| % Users | Percent of users being accessed by the script |
| % Pages | Percent of pages on your site being accessed by the script |
| Age on Site | How long the script has been observed on the site |
| Additional Information | Any additional information related to the script |
The data presented in the Scripts component can be filtered by clicking 
- Select the filter parameters from the dropdown. By default all filter parameters are selected.
The Scripts filter will not affect data in the other components of the Code Defender dashboard.
Updated about 1 year ago