Data and Customization of AppSec Policy
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
1 hour 13 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:00
>> Now, let's briefly explore various nooks and
00:00
crannies of the system where we
00:00
can find some interesting insights.
00:00
Naturally, navigating to the various sections here will
00:00
provide us with information on
00:00
the various entities we've set up.
00:00
Under agents, we can view the list of
00:00
nano agents that are configured
00:00
to work with our deployments.
00:00
As we can see, the status of this agent is connected.
00:00
Beyond that, we can access the AppSec monitor,
00:00
which provides us with rich data
00:00
concerning incidence handled by AppSec,
00:00
including a tax sources,
00:00
the timeline of attacks,
00:00
and the assets that have been attacked.
00:00
Events displays a list of incidence.
00:00
In case you'd like to customize your AppSec policy,
00:00
you have various ways to do so.
00:00
For instance, adding an exception to
00:00
the policy which blocks
00:00
requests from a certain source IP.
00:00
Based on parameters defined here,
00:00
when there is a match,
00:00
the agent will operate
00:00
according to what it's instructed to do here,
00:00
overriding any AppSec engine defined criteria.
00:00
You can further narrow down or broaden
00:00
the scope of exceptions by adding behaviors.
00:00
In terms of best practices,
00:00
we've already mentioned the learning period,
00:00
which is the period during which
00:00
the AppSec engines gather
00:00
and analyze data to build adequate profiles.
00:00
After this period is over,
00:00
the system provides us with
00:00
a recommendation to switch to prevention.
00:00
Following that recommendation, we can go ahead to
00:00
the assets threat prevention tab
00:00
and switch the mode to prevent.
00:00
For additional best practices,
00:00
please refer to the AppSec best practices section in
00:00
the infinity next administration
00:00
guide. There you have it.
00:00
We've gone through how cloud guard AppSec can
00:00
protect your Cloud web applications and APIs.
00:00
Utilizing sophisticated AI based engines,
00:00
which learn to detect normal versus anomalous behavior.
00:00
Constantly analyzing and profiling
00:00
the behavior of incoming traffic to the protected assets,
00:00
providing an essence in applications self-protection,
00:00
which requires no manual tuning.
00:00
We've detailed a deployment scenario
00:00
of an embedded nano agent
00:00
within an engine X reverse proxy
00:00
running on a Linux machine.
00:00
We also mentioned various other forms of deployment
00:00
depending on the environments you
00:00
operate in and your protection needs.
00:00
If you'd like to enhance your knowledge
00:00
on implementing the solution,
00:00
please refer to the infinity next administration guide.
00:00
Thank you for taking this session.
00:00
I hope you enjoyed it and I'll see you in the next one.
Up Next
Instructed By
Similar Content
