The Third-party Details Page: Security Tab
This page shows you detailed information about how your security ruleset is affecting each third party on your site. You can use the dashboard to investigate issues with third parties that you suspect might be caused by a security rule. For example, if you excluded a third party or a third party's host from a CSP rule, but the third party is still getting blocked, you can use this dashboard to investigate which rule is blocking the third party.
If you see a spike in security violations, it could be because a third party was recently added to your site. You can use this dashboard to see determine whether the new third party is getting flagged or blocked, and by which CSP rules.
You can access this page in several ways:
-
From the Performance Inventory page, the Service Blocker Inventory Page, or Service Flow, click a third party in the list to see the details view. Then click Third Party Details. Click the Security tab.
-
Click Inventory > Third-party Details and search for or click the third party that you want to view details for. Click the Security tab.
The page shows you the following information:
|
Example |
Metric |
Description |
|---|---|---|
|
|
Page % |
The percent of your site's pages on which the third party runs. |
|
|
Flagged Violations |
The number of flagged security violations |
|
|
Blocked Violations |
The number of blocked security violations |
Highlights
The highlights tables help you determine which rule is blocking this third party and which hosts are being blocked. If you have accidentally set one of your CSPs to report or block a third party, you can use the highlights tables to correct your error.
The [Third Party] Rule Configuration table shows which rules are flagging or blocking the third party. In the example below, the CSP rule is set to report-only mode and has logged 352 flagged security violations from Monetate. Click the rule name to open a Diagnostics table with the security violations from that rule in the last hour.
The [Third Party] Hosts table lists the third party's hosts, their certificate status, and violations. Click on a host name to open a Diagnostics table with the most recent security violations caused by that host.
Trends
The first trends graph show how the third party has performed over the selected period. Use the first drop-downs to select the metric you want to view data for.
The Real-time Data graph gives you up-to-the minute data on the selected metric for the third party. You can use it to monitor how recent changes to your security rules are affecting the third party's impact on your site. Click in the last hour to select a different time period.
Diagnostics
Use the first drop-down to select which diagnostics table you want to view. Use the second drop-down to choose the type of violations you want to see.
By default, the diagnostics tables display the most recent 20 instances found in the last hour. Click the drop-downs to change the number or time period.
| Top Directives | Shows the directives that are logging the most security violations from this third party. |
| Most Viewed Pages | Shows the pages on which this third party is causing the most security violations. |
| Top Resources | Shows the resources from this third party that are causing the most security violations. |
| Top Domains | Shows the domains from this third party that are causing the most security violations. Click the domain name to see the violations that the domain has caused in the last hour. |
| Most Recent Violations | Shows the most recent security violations from this third party. You can filter this table using the drop-downs or the search bar. |