Documentation
FAQs

What's the difference between a finding and an alert?

Created:
September 18, 2023
Updated:
July 19, 2024

In the FireTail platform, findings and alerts can be used to enhance API security by providing detailed insights into issues and notifying you when specific conditions are met.

Findings

Findings provide detailed information about issues or potential issues with your APIs. They are generated when the FireTail platform identifies an issue corresponding to the OWASP Top 10 API security issues or other general API security concerns.

How Findings Are Generated
  • Event Occurrence: Findings can be triggered when an event occurs, such as when a specification is uploaded to the FireTail platform or when a GitHub repository is scanned.
  • Event Processing: During these events, the events processor scans the file or repository. If certain criteria are met, a finding is created. A single event can lead to multiple findings.
  • Other Sources: Findings can also come from detections in logs and observations from active scanning.

Alerts

An alert in the FireTail platform notifies you when specified thresholds or conditions are met within your API environment. There are two types of alerts: static alerts, which use predefined static values as thresholds, and anomaly detection alerts, which identify irregular behavior based on historical data patterns. Alerts are customizable with filters, conditions, and notification methods to ensure you receive timely and relevant updates.

Differences Between Findings and Alerts

  • Findings: These are triggered and defined based on specific security criteria.
  • Alerts: These are activated based on the filters and conditions you configure. When the set conditions are met, you receive an alert via your chosen notification method. For instance, you could set an alert to notify you when there are over 50 requests with a 200 response code within a two-hour timeframe.

In summary, findings give you detailed insights into security issues, while alerts notify you when certain conditions are met based on your configuration.

Related topics

Getting started
Organizations
Applications
APIs
Posture management
Specifications
Integrations
Code Libraries
Alerts
Reporting
Python documentation
FAQs
Related Docs
Do you have any integrations with Azure?
View doc
Can I set up an on premise installation?
View doc
How do I download information from the FireTail platform?
View doc
How do I scan my AWS account for APIs?
View doc
Recently Updated
Update an anomaly alert
View doc
Set up an alert with a new Slack integration
View doc
How do I log in to the platform?
View doc
Why create an organization?
View doc
AWS Application Load Balancer logging
View doc