The Policies section of Traceable Administration (
) lets you customize Detection through predefined rules. You can also create custom rules for:
Rate limiting - Configure protection from brute-force attacks by limiting the overuse of login and other sensitive APIs. For each rule, define the number of calls not to be exceeded in a designated time window.
IP range blocking - Configure IP addresses and ranges that should NOT be serviced by your application. Requests from these IP addresses will be blocked by Traceable.
Location - Configure a list of countries that should NOT be serviced by your application. Requests from these countries will be blocked by Traceable.
Custom signatures - Configure additional custom rules based on patterns that you would like to be used in detection. This feature is especially useful if you are migrating to Traceable from a legacy WAF and have custom rules that you would like to continue using. The rules can be configured for detection and/or blocking.
from the Policies section, you can also access the Custom Exclusion list. Custom exclusions list is the list of events that you have excluded from detection.