Enable Alerts for Websites - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product
Cortex XPANSE
Version
2
Creation date
2024-05-22
Last date published
2024-07-16
Category
User Guide
Solution
Cloud
Abstract

Enable Cortex Xpanse to create alerts when potential risks are observed on your websites.

The attack surface rules for websites are disabled by default. Enable these attack surface rules to enable Xpanse to start creating alerts for websites.

  1. Navigate to Policies and RulesAttack Surface Rules.

  2. Use the filter to find the attack surface rules for websites.

    1. Click the filter icon in the upper right corner to open the filter bar.

    2. In the Select Field dropdown menu, select Attack Surface Rule.

    3. In the Value field dropdown menu, select the two attack surface rule categories for websites: Web Security Assessments and Web Technology CVE Inferences.

    4. Click outside of the filter area into the results table to see the full list of attack surface rules for websites.

  3. For each attack surface rule you want to enable, right click in the appropriate row and select Enable.

  4. Optionally, you can change the default severity that will be assigned to alerts that match the attack surface rule by right-clicking on the rule and choosing from the Change Severity options.