Explore the Data
Explore the data for your site on the Account Takeover Protection Dashboard.
In this topic:
- Filter the displayed data
- Configure mitigation
- Login activity over time
- Users under risk
- Top attackers
- Account takeover attempts by country
Filter the displayed data
The banner at the top of the dashboard describes the data displayed on the page.
Select a site in your account and a time frame for the data.
Assign mitigation actions, such as Block or Captcha, to account takeover attempts for each risk level. Run a simulation to assess the impact of your security strategy and view the results.
For details, see Configure Mitigation Rules.
Login activity over time
View trends and statistics on logins and login attempts to your site.
- See the percentage of ATO attempts as compared to total login attempts.
- View the impact of your mitigation strategy on malicious attempts.
- Examine ATO trends over time.
On the graph:
- Hover for more details on specific data points.
- Filter using the legend radio buttons below the graph.
- Click and drag to zoom in.
|Total login attempts||All login attempts to your site - successful, mitigated, malicious, legitimate.|
|Account takeover attempts||
Any potential takeover, as determined by our internal detection mechanism.
|Compromised user logins||
The number of logins by users whose credentials were hacked.
Click View details to see the list of compromised user accounts. For more details, see Users at Risk.
|Mitigated malicious logins||
The number of attempted logins to your site that were mitigated according to your configured mitigation rules.
If you have not yet configured mitigation rules, this statistic is disabled in the graph.
After you configure mitigation rules, this category is automatically enabled and you begin to see the impact in the graph.
To configure mitigation, see Configure Mitigation Rules.
Users under risk
View details of user accounts that have been hacked or are at risk of being compromised.
See recent trends in account takeover attempts for the site.
Users whose login credentials have been hacked, have successfully logged in, and have been determined to have malicious intent.
|Users with leaked credentials||
Users whose login credentials have been found in publicly available online databases of leaked credentials.
Click View details to see the list of user accounts with leaked credentials. For more details, see Users at Risk.
View the distribution of account takeover attempts for each attack probability level, listed by client type, IP, and IP reputation:
The client application used for the account takeover attempt.
For the full list of Imperva classified clients, see Client Classification.
The categorization of the source IP, based on our internal classification and assessment mechanisms.
The reputation gives an indication of the type of activity originating from that IP.
For example, comment-spammers, anonymous proxies, or Google Cloud Platform
|IP||The IP address of the client used for the account takeover attempt.|
Account takeover attempts by country
View the distribution of account takeover attempts by country for the selected site and time frame.
You can download the data as an image in .png format.