Follow

Q&A: Are There Real Time Incident Procedures (RTIP) for WAF?

Question

  • We want to know if there are real-time incident procedures for WAF?
    • Is there a specific situation where Silverline would initialize contact for a WAF attack?

 

Environment

  • Silverline WAF
  • Silverline Incident Notifications Procedures
  • Silverline Customer Portal Account Information

 

Answer

  • No, there are not incident procedures for WAF as we do not actively monitor spikes in customer violations

Why?

  • We have many customers that are online retailers for example, so when they have sales, there are large spikes in WAF violations however not necessarily because of an attack, but simply because there is more traffic traversing the application so by default it's creating a lot more violations.
  • We depend on customers reviewing via their Silverline Portal WAF Violations Stats page for any spikes as well as ensuring they are following the Maintenance and Announcements page.
  • In your user account setting in the Silverline Portal, you can change the frequency of receiving the WAF violation reports from daily to weekly to never. By reviewing the logs, you can determine if the spike is expected or not. 

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request