Home Anomaly detection

Accurate monitoring & alerts

Anomaly detection: Complete visibility of your web landscape

 

Anomaly detection is crucial in today’s cybersecurity strategy due to the sophistication, disruption, and frequency of a new generation of threats.

This system analyzes patterns and identifies alterations in the traffic of your websites, warns when they occur, and offers the possibility of triggering our systems to react to an incident, for example, when you are suffering a Distributed Denial of Service (DDoS) attack.

Sistema de Detección de Anomalías
Anomalías de tráfico de datos

Active monitoring

The system actively looks for patterns in your website traffic and notifies you if an anomaly occurs. We provide the ability to trigger our systems if you need to mitigate an incident.

Easy to use

Detections can be configured easily through our control panel. It allows you to enable or disable detections for every site as well as to customize threshold and sensitivity parameters depending on the website’s nature. In addition, you can easily parameterize the list of exceptions.

The Transparent Edge anomaly detection system currently considers six types of anomalies
Incremento de tráfico

Increase in traffic

Using the 95th percentile approach, we examine the data stream to identify any significant increases in requests or bandwidth. In addition, the system compares this data to historical patterns to discern whether this is an anomaly or a recurring pattern.

Altavoz

Hit ratio

The system immediately identifies any abrupt drop in the hit ratio of your website. There are multiple factors that could contribute to this, such as changes in caching strategies or attempts to attack the origin by dodging the cache using random parameters.

Request por IP

Request per IP

Based on the calculation of the average number of requests per second for each user of your website. You will receive a notification if the requests per second of an IP address exceed three times the standard deviation as long as it is above the set sensitivity threshold.

Tiempo de respuesta

Response time

A notification will be generated when the source platform is slow to respond, resulting in an unusual increase in response times. The normal distribution of the received data is evaluated to identify response time parameters that exceed the allowed limits.

Código de estado

Status code

Detect and report any significant increase in 503 errors on your website. Evaluating this type of error makes sense since, in Transparent Edge, we present all 50x errors as a 503 status code.

Escáner de vulnerabilidades

Vulnerability scanner

This feature alerts you when a malicious user attempts to scan your web page for vulnerabilities in your code. Knowing this, you can make automatic or manual decisions to respond to such attempts. In addition, you will be alerted even when the WAF is in detection mode.