Skip to main content

Manage attack events Hosted customers only

Note

This feature is for hosted customers.

If you are an on-premises customer, visit Manage attacks.

When Contrast reports an attack event, you have the option of configuring a Protect rule to determine how Contrast reacts to the event or adding an application exclusion to suppress the event that you consider to be safe.

Before you begin

  • Ensure that role-based access control is turned on.

    Role-based access control is a preview feature and not available to all customers. Contact your Contrast representative to have role-based access control turned on.

  • You need a role with the View Attack Data action.

Steps

  1. Select Attack events in the header.

  2. If you are using a grouped view, select an event row. If you are using an individual view, skip this step.

  3. To configure a Protect rule for the event, select the Configure Protect rule icon (icon-configure-protect-rule.svg) in the Actions column.

    Configuring a Protect rule lets you decide whether Contrast should monitor or block the event if it occurs.

  4. To create an application exclusion for the event, select the Configure exclusion icon (icon-configure-rule.svg) in the Actions column.

    Configuring an application exclusion lets you specify whether Contrast should suppress events that you know are safe.

  5. To add the IP address to a denylist, select the Denylist icon (icon-block.svg in the Actions column.