Trace Qualification

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Overview

Application Security Management (ASM) provides observability into application-level attacks, and evaluates the conditions in which each trace was generated. ASM trace qualification then labels each attack as harmful or safe to help you take action on the most impactful attacks.

Filter by the Qualification facet in the ASM Traces Explorer to view the possible qualification results:

ASM trace list with the qualification facet showing the possible qualification results

Qualification outcomes

ASM runs qualification rules (closed-source) on every trace. There are four possible qualification outcomes, as listed in the facet menu:

Qualification resultDescription
UnknownASM has qualification rules for this attack, but did not have enough information to make a qualification decision.
None successfulASM determined that attacks in this trace were not harmful.
HarmfulAt least one attack in the trace was successful.
No valueASM does not have qualification rules for this type of attack.

Trace sidepanel

The qualification result can also be seen when viewing the details of an individual trace.
Example of a trace that ASM has qualified as safe:

ASM trace qualified as safe

Example of a trace that ASM has qualified as harmful:

ASM trace qualified as harmful

Further Reading

Additional helpful documentation, links, and articles:

Protect against threats with Datadog Application Security ManagementDOCUMENTATION more more How Application Security Management WorksDOCUMENTATION more more