A Runtime Alert Example: Outbound Connection to a Prohibited Country

Transcript:

If I click on this outbound connection being made to a prohibited country, we can see very detailed information about this alert. So we show you things like, hey, what was the title of this alert? What did it map to? So in terms of security or compliance, detailed information around where this vulnerability was discovered. In this case, it was in the middleware component. It maps to this very specific category. Here’s how we map back to the compliance framework. And we take it a little bit further within this alert representation.

Earlier, I said that we map to PCI DSS, SOC Type 2, and NIST. But if you look at this alert, we actually take it even further. So we drill down to the actual subsection within each one of these compliance frameworks. So this particular violation would be part of PCI DSS 3.2, subsection 1.2.1.

And again, depending on the type of alert, the description and resolution may vary. So this is quite a straightforward alert. Essentially, the application is making an outbound call to a bad country or a country that’s been defined as denied in our policy. And then we give you some information about how to resolve this.