Get started with your Dashboard

DataDome dashboard for customers

The DataDome dashboard allows you to get traffic information for your websites that are protected by the DataDome module.

  • At your very first use of the DataDome dashboard, it may not contain any data yet. Please start by initially Setting up your DataDome module.

Threat Overview

On the home page, the overview will display all the current threats monitored on your websites with the number of associated requests and risk levels.
Below, the timeline chart will let you know all the past or on-going attacks targeting your mobile applications, websites and APIs, over the line chart of total threat requests.


📘

Risks levels

These levels are computed by watching the volume of your threat requests in comparison to the average threats traffic we see on all our customers. All the risks levels from the lowest to the highest:

  • Moderate
  • Elevated
  • High
  • Critical

To learn more about one attack, just click on it on the chart or in the tab and it will open the statistics panel. If you want to get in-depth analytics about this attack, just hit the Explore button at the bottom of the panel.

📘

Attack definition

An Attack highlights a sudden acceleration in the threat requests compared to the regular average threat requests.
Sometimes, an attack that is quite huge could trigger a DDoS attack.


Threat Definitions

Layer 7 DDoS
Requests targeting application/database servers' resources or individual user accounts, to conduct denial of service attacks (DoS).
The activity may resemble a legitimate application's process but leads to the exhaustion of resources such as file system, memory, processes, threads, CPU, as well as human and/or financial resources.
Source: Automated Threats to Web Applications.

Vulnerability Scanning
Requests that systematically tally, catalog, and examine identifiable, predictable, and unknown content locations, paths, file names, and parameters, in order to find weaknesses and possible security vulnerabilities.
Source: Automated Threats to Web Applications.

Scraping
Requests collecting application content and/or other data for use elsewhere.
Some scraping may use fake or compromised accounts or may exploit information that is accessible without authentication.
Source: OWASP Automated Threats to Web Applications.

Credential stuffing
Requests conducting mass log-in attempts to verify the validity of stolen username/password pairs or identifying valid login credentials by trying different values for usernames/passwords.
Source: Automated Threats to Web Applications.


Threat Overview sub-pages

Depending on which threats are monitored on your mobile applications, websites and APIs, you may see on your Dashboard one or more sub-pages from the following list:

  • Scraping
  • Layer 7 DDoS
  • Vulnerability Scanning
  • Credential Stuffing

Every sub-page focuses on a particular threat. For example, in the Scraping sub-page, you will find only Scraping requests and Scraping attacks, along with KPIs relative to this particular threat.

🚧

Protection coverage

If your protection coverage is not 100%, it may indicate that something is wrong in your endpoint configuration.


Explore

This page allows you to explore traffic by dimension (IP, country, URL, etc.) as well as rules and rules' type. (Read more about explore your traffic).