📊 Protection Rules by Application
🚢 Global Shipping
Java Platform • 33 rules configured • 🚨 Under active attack
SQL Injection Protection
Monitoring
Protect Rule
Detects and monitors SQL injection attempts through crafted inputs that alter SQL queries to steal data or execute code.
DEV: Monitoring
QA: Monitoring
PROD: Monitoring
⚠️ Active vulnerability present - Rule should be in BLOCKING mode
Path Traversal Protection
Monitoring
Protect Rule
Prevents directory traversal attacks that allow users to control which files get opened and read by an application.
DEV: Monitoring
QA: Monitoring
PROD: Monitoring
⚠️ Active vulnerability present - Immediate blocking recommended
JNDI Injection Protection
Monitoring
Protect Rule
Detects JNDI lookup manipulation attempts that can lead to remote code execution through LDAP, RMI, or CORBA schemes.
DEV: Monitoring
QA: Monitoring
PROD: Monitoring
🔥 Critical vulnerability present - Enable blocking immediately
Log4j2 Remote Code Execution (Log4Shell)
Monitoring
CVE Shield
Protects against Log4Shell vulnerability allowing arbitrary code execution from attacker controlled log messages in Log4j2 before 2.15.0.
CVE Coverage:
CVE-2021-44228
CVE-2021-45046
DEV: Monitoring
QA: Monitoring
PROD: Monitoring
XXE Injection Protection
Monitoring
Protect Rule
Verifies that external entities aren't processed during XML parsing to prevent XXE attacks.
DEV: Monitoring
QA: Monitoring
PROD: Monitoring
Cross-Site Scripting (XSS)
Disabled
Protect Rule
Prevents web application vulnerabilities that allow users to run arbitrary JavaScript in other browsers.
DEV: Off
QA: Off
PROD: Off
💡 Consider enabling for comprehensive protection
📋 Liferay 7.0.6 GA7
Java Platform • Limited rules active • 🎯 Historical attacks detected
Untrusted Deserialization
Blocking
Protect Rule
Prevents arbitrary object deserialization that allows remote code execution through malicious serialized data.
✅ Successfully blocked 1 attack attempt
Path Traversal Protection
Monitoring
Protect Rule
Monitors directory traversal attempts to access files outside application boundaries.
📊 Detected 1 probe attempt - No blocking configured
📦 Cargo Cats Microservices
Python/Flask • 6 services • 🆕 New deployment - Rules pending
⚠️ Protection Gap Identified
New microservices deployment detected with critical vulnerabilities but no ADR rules configured yet. Immediate rule deployment recommended for:
- HTTP Request Smuggling protection (Gunicorn vulnerabilities)
- MySQL injection protection
- Dependency vulnerability scanning
- Input validation rules