Hello, dear, in ASM will there be any way to alert either by mail or something when a traffic is blocked by waf? specifically when it is blocked by brute force attack, the suport id is not reaching the client and I need to know some way to alert that
How is your login page configured against brute force? Specifically, for your Source-Based Protection settings, are you tracking by Username, IP address, Device ID, etc.? The CAPTCHA response includes a support ID as shown here:If you are using the default Blocking Response page for Login Pages (instead of CAPTCHA) then the Support ID should also be displayed to the client. The recommendation for logging is to use a remote server which you could then configure to send emails based on certain security events.