{"_id":"5806536b4c067c2300436366","user":"574c9889a1f0be2000ae376e","category":{"_id":"55e4c701177b6e0d003330fa","pages":["55e4c718177b6e0d003330fb","55e4c7ea40cda60d003bad38","55e4c823e252ac0d00303a54","55e4c9333325e60d007fbeb8","55e4c97540cda60d003bad3e","55e4c9903325e60d007fbebc","55e4c9c33325e60d007fbebe","55e4c9ce40cda60d003bad41"],"project":"55db8f8f1a91690d007ad975","version":"55db8f901a91690d007ad978","__v":8,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-08-31T21:28:33.497Z","from_sync":false,"order":2,"slug":"dashboard","title":"Dashboard"},"githubsync":"","project":"55db8f8f1a91690d007ad975","parentDoc":null,"version":{"_id":"55db8f901a91690d007ad978","project":"55db8f8f1a91690d007ad975","__v":17,"createdAt":"2015-08-24T21:41:36.034Z","releaseDate":"2015-08-24T21:41:36.034Z","categories":["55db8f901a91690d007ad979","55db9856b3d6540d00886426","55dc751b00a8811900c230e3","55dc766255be9f21004ee250","55dc769200a8811900c230ed","55e4c701177b6e0d003330fa","55f4915caf0bc71900a53130","55f491b2be9c2b2100f0635d","560b22739c7be70d00100bd8","57488c53e8c6a420000b729c","574cefd95953e20e00f40f9f","5798edfd7700d30e00ad250c","579ac88234b5fd0e00b9e140","57c81c6d690c200e0047b72e","57d9b8fbda17c30e003897f1","57d9b90e608ea00e00f358d8","57d9b91cda17c30e003897f4"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"__v":1,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-10-18T16:52:59.263Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":9,"body":"The Redirect Dashboard is provided for each protected application. It consists of two views:\n1. Redirect Overview\n2. Redirect Vulnerability Detail\n\n#Vulnerabilities Overview\n----\nThe first page of Redirect Dashboard provides a table with the full list of all vulnerabilities reported by the agent. \n\nVulnerability is a trace of application execution captured in the call stack that is available in the vulnerability details view. On the overview page each vulnerability is represented by route and method responsible for the execution of the response.\n\nThe vulnerabilities overview provides a list of all vulnerabilities reported since IMMUNIO was first installed.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/51b4ce3-Screen_Shot_2016-10-18_at_1.15.08_PM.png\",\n        \"Screen Shot 2016-10-18 at 1.15.08 PM.png\",\n        1628,\n        231,\n        \"#f2f2f2\"\n      ]\n    }\n  ]\n}\n[/block]\nEach vulnerability is represented with the following information:\n\n* *Route* targeted by the reported redirect\n* *File* in which the vulnerability resides when available\n* *Line of code* where the vulnerability exists in the indicated file when available\n* *Protection Mode* applied for this route will show as Normal when IMMUNIO is functioning properly\n* Number of manually learned structures for this route (*Learned*)\n* If there were new structures detected for this route (*New*)\n* Number of grouped incidents by source (*Attacks*)\n* Number of *Blocked* occurrences\n* Most recent redirect threat that was raised for this route (*Last Occurred*)\n\n#Tuning\n----\nThe Tuning section shows information on manually learned redirect behavior.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": []\n    }\n  ]\n}\n[/block]\n\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/9a8b4d1-Screen_Shot_2016-10-18_at_1.21.04_PM.png\",\n        \"Screen Shot 2016-10-18 at 1.21.04 PM.png\",\n        1625,\n        235,\n        \"#f0f0f0\"\n      ]\n    }\n  ]\n}\n[/block]\n* *Route* targeted by the tuned redirect \n* *File* the tuned redirect applies to\n* *Line of code* where the redirect input field exists when available\n* *Protection Mode* applied for this route will show as Normal when IMMUNIO is functioning properly\n* Number of manually learned structures for this route (*Learned*)\n* Number of grouped incidents by source (*Attacks*)\n* Number of *Blocked* occurrences\n* Most recent redirect threat was raised for this route (*Last Occurred*)\n* *Action* offers a remove link for any manually learned behaviors\n\n#Redirect Vulnerability Details\n----\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/b1f3c15-Screen_Shot_2016-10-18_at_1.22.58_PM.png\",\n        \"Screen Shot 2016-10-18 at 1.22.58 PM.png\",\n        1621,\n        579,\n        \"#f2f2f2\"\n      ]\n    }\n  ]\n}\n[/block]\nThe Vulnerability Details page shows additional information about individual requests that induced the reported behavior including runtime parameters and stack trace information about that request, as well as options to tune those events if desired.\n\nFrom the top of the page, this information includes:\nExpected Domains:\n         Allowed domains from automated learning (indicated with an \"A\") or manually learned via the Action menu (indicated with an \"M\").\nOccurrences:\n         Overview of HTTP redirect requests that induced the same application behavior over time sorted by query that triggered the alert and number of occurrences.\nOccurrence Details:\n         Specific information about the selected Occurrence from the left hand panel.\nProtected:\n         Indicates whether protection was enabled at the time the event occurred.\nTimestamp:\n         Day and time when the selected event occurred.\nURL:\n         URL that was targeted with the HTTP request for this occurrence.\nDetected Domain:\n         Domain the reported request redirects to.\nRoute:\n         Route affected by the reported code structure when available.\nFile:\n         File in which the vulnerable code resides when available.\nLine:\n         Line of code where the reported code was able to be stored when available.\nAction:\n         Menu of available tuning options for the reported request. (More information below)\nStacktrace:\n         Full execution trace that represents the vulnerability.\n    \n#Tuning Options\n----\nIf IMMUNIO detects suspicious code that was not recorded in the Analysis Mode phase and this request is valid, you can update the sensors during vulnerability review.\n[block:image]\n{\n  \"images\": [\n    {\n      \"image\": [\n        \"https://files.readme.io/3524f10-Screen_Shot_2016-10-18_at_1.31.28_PM.png\",\n        \"Screen Shot 2016-10-18 at 1.31.28 PM.png\",\n        377,\n        86,\n        \"#dfe1de\"\n      ]\n    }\n  ]\n}\n[/block]\nThe following Tuning Options are available:  \n\nAccept redirect to this domain:\n\tAllows future redirects to this domain for this context without further alerts or blocking.\n\nAccept redirect to any domain:\n\tAllows future redirects to any domain for this context without further alerts or blocking.","excerpt":"","slug":"redirect","type":"basic","title":"Redirect"}
The Redirect Dashboard is provided for each protected application. It consists of two views: 1. Redirect Overview 2. Redirect Vulnerability Detail #Vulnerabilities Overview ---- The first page of Redirect Dashboard provides a table with the full list of all vulnerabilities reported by the agent. Vulnerability is a trace of application execution captured in the call stack that is available in the vulnerability details view. On the overview page each vulnerability is represented by route and method responsible for the execution of the response. The vulnerabilities overview provides a list of all vulnerabilities reported since IMMUNIO was first installed. [block:image] { "images": [ { "image": [ "https://files.readme.io/51b4ce3-Screen_Shot_2016-10-18_at_1.15.08_PM.png", "Screen Shot 2016-10-18 at 1.15.08 PM.png", 1628, 231, "#f2f2f2" ] } ] } [/block] Each vulnerability is represented with the following information: * *Route* targeted by the reported redirect * *File* in which the vulnerability resides when available * *Line of code* where the vulnerability exists in the indicated file when available * *Protection Mode* applied for this route will show as Normal when IMMUNIO is functioning properly * Number of manually learned structures for this route (*Learned*) * If there were new structures detected for this route (*New*) * Number of grouped incidents by source (*Attacks*) * Number of *Blocked* occurrences * Most recent redirect threat that was raised for this route (*Last Occurred*) #Tuning ---- The Tuning section shows information on manually learned redirect behavior. [block:image] { "images": [ { "image": [] } ] } [/block] [block:image] { "images": [ { "image": [ "https://files.readme.io/9a8b4d1-Screen_Shot_2016-10-18_at_1.21.04_PM.png", "Screen Shot 2016-10-18 at 1.21.04 PM.png", 1625, 235, "#f0f0f0" ] } ] } [/block] * *Route* targeted by the tuned redirect * *File* the tuned redirect applies to * *Line of code* where the redirect input field exists when available * *Protection Mode* applied for this route will show as Normal when IMMUNIO is functioning properly * Number of manually learned structures for this route (*Learned*) * Number of grouped incidents by source (*Attacks*) * Number of *Blocked* occurrences * Most recent redirect threat was raised for this route (*Last Occurred*) * *Action* offers a remove link for any manually learned behaviors #Redirect Vulnerability Details ---- [block:image] { "images": [ { "image": [ "https://files.readme.io/b1f3c15-Screen_Shot_2016-10-18_at_1.22.58_PM.png", "Screen Shot 2016-10-18 at 1.22.58 PM.png", 1621, 579, "#f2f2f2" ] } ] } [/block] The Vulnerability Details page shows additional information about individual requests that induced the reported behavior including runtime parameters and stack trace information about that request, as well as options to tune those events if desired. From the top of the page, this information includes: Expected Domains: Allowed domains from automated learning (indicated with an "A") or manually learned via the Action menu (indicated with an "M"). Occurrences: Overview of HTTP redirect requests that induced the same application behavior over time sorted by query that triggered the alert and number of occurrences. Occurrence Details: Specific information about the selected Occurrence from the left hand panel. Protected: Indicates whether protection was enabled at the time the event occurred. Timestamp: Day and time when the selected event occurred. URL: URL that was targeted with the HTTP request for this occurrence. Detected Domain: Domain the reported request redirects to. Route: Route affected by the reported code structure when available. File: File in which the vulnerable code resides when available. Line: Line of code where the reported code was able to be stored when available. Action: Menu of available tuning options for the reported request. (More information below) Stacktrace: Full execution trace that represents the vulnerability. #Tuning Options ---- If IMMUNIO detects suspicious code that was not recorded in the Analysis Mode phase and this request is valid, you can update the sensors during vulnerability review. [block:image] { "images": [ { "image": [ "https://files.readme.io/3524f10-Screen_Shot_2016-10-18_at_1.31.28_PM.png", "Screen Shot 2016-10-18 at 1.31.28 PM.png", 377, 86, "#dfe1de" ] } ] } [/block] The following Tuning Options are available: Accept redirect to this domain: Allows future redirects to this domain for this context without further alerts or blocking. Accept redirect to any domain: Allows future redirects to any domain for this context without further alerts or blocking.