Oct 16 2019 07:16 AM - edited Oct 16 2019 07:17 AM
Thanks so much for your reply. Ok I understand the built-in alert for breached apps(Kudos!), I also understand traffic logs would advise that there was traffic between 2 of our computer clients and a URL associated with a breached app, however, the 2 users do not have the associated app installed or use it, they simply browsed to a website to investigate the URL.
Which then looks to me like a false alert. No breached app was actually in use. So my understanding now is the dashboard alert is based on traffic logs between two points(One being host to a breached app) rather than traffic between a specific "breached" application and our clients. Hope this makes sense?