LogoLogo
  • Overview
    • Overview
    • Integration Modes
    • Minimum Required Dataset
    • Customer Service Desk
  • Netacea Plugin Information
    • Accessing Your Integration Settings
    • Akamai
      • Akamai Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
        • Proxy Property Configuration
        • EdgeWorker Installation
        • Property Configuration
          • Optional Integration Configuration
    • Cloudflare
      • Cloudflare Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
        • Installation via Wrangler (CLI)
        • Installation via Cloudflare UI
    • CloudFront
      • CloudFront Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
    • Fastly
      • Fastly Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
        • Advanced Configuration
        • Deployment via Terraform
    • Fastly Magento
      • Fastly/Magento Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
        • Advanced Configuration
    • F5
      • F5 Plugin Logic
      • Monitoring Configuration
      • Installation and Configuration
    • API Direct Integration
      • How to Build a Netacea Plugin
  • Netacea Data Sync
    • Data Sync
    • Recommendations
  • Captcha
    • reCAPTCHA User Journey
    • hCaptcha User Journey
    • Custom reCAPTCHA Page Guide
    • Custom hCaptcha Page Guide
Powered by GitBook

Copyright Netacea 2023

On this page
  1. Netacea Data Sync

Recommendations

Netacea has the capability of providing Recommendations using N/ Data Sync.

PreviousData SyncNextreCAPTCHA User Journey

Last updated 1 year ago

N/ Data Sync Recommendations

N/ Data Sync delivers a real time stream of bots detected, using zero-latency integrations with log capture tools and other threat or risk feeds.

Netacea provide a N/ DETECTION FEED of all current threats to the customer to use as the basis for taking action against visitors using existing systems​

The data can then be used in correlation with other SIEM feeds to gain better insight into the overall Target security posture​

The data can be supplied to the customer's preferred ingest method for actioning. Examples include placing messages onto a Kinesis stream or by sending the information to an S3 bucket.

  1. The visitor requests the site protected by Netacea.

  2. A copy of the web request is sent as log data for analysis using our collective threat intelligence, machine learning and behavioural analysis to determine if the request is safe.

    1. The Netacea Plugin can send the request to an ingest API endpoint.

    2. The customer can send the request via a separate log shipping job to an endpoint provided by Netacea.

  3. N/ Detection Engine analyses every request and re-evaluates the status of every visitor. Any visitors/potential visitors identified as threats by N/ Detection Engine are added to the Targeted Theat List ready for the next request from that visitor​.

  4. Netacea then distributes the list of all active threats to the customer to identify and take action against. All threats detected are made available either as a regular file drop or via a Kinesis stream.​ Threats can be imported into existing threat management systems (for example for the automated creation of WAF rules of account lockout flags) or be used as a data source for subsequent requests.​

  5. Customer takes action on the recommendations in line with their blocking strategy.

  6. If the requests are benign, subsequent requests are passed to the origin as normal.

  7. If the requests require a mitigation to take place, the appropriate action is taken and served to the client on all subsequent requests.