FireTail offers a set of preconfigured alerts designed to help you monitor and secure your APIs. These alerts detect various types of potentially harmful activities and inform you so you can take appropriate action. FireTail updates these alerts in the background, ensuring that you automatically receive any changes. Managed alerts can be set up as a Static alert or an Anomaly alert.
Preconfigured Alerts
- SQL Injection
- This alert is triggered when SQL Injection attacks are detected. SQL Injection is a code injection technique that might destroy your database.
- Secret Keys Detected
- This alert is triggered when secret keys are detected in requests. Secret keys should never be exposed in requests as they can be exploited by malicious actors.
- Malicious Requests
- This alert is triggered on detection of malicious requests that may indicate an attempt to exploit your API or application.
- Suspicious Requests
- This alert is triggered on detection of suspicious requests that may indicate probing or other anomalous activities.
- High Risk Countries
- This alert is triggered on requests coming from high-risk countries, which may have a higher likelihood of malicious activity.
- Auth Failures
- This alert is triggered on requests with authentication failures. Multiple failed authentication attempts can indicate a brute force attack.
- Server Failures
- This alert is triggered on requests resulting in server errors. Repeated server errors might indicate an ongoing attack or a critical issue with your API.
- PII Detected
- This alert is triggered on detection of Personally Identifiable Information (PII) in requests. PII should be handled securely to comply with data protection regulations.
