This feature is part of VTEX Shield. If you are already a VTEX customer and want to adopt VTEX Shield for your business, please contact Commercial Support. Additional fees may apply. If you are not yet a customer but are interested in this solution, please complete our contact form.
Security Monitor is a dashboard that helps merchants identify and manage potential risks in their environment in real time. The tool identifies configuration risks and the behavior of admin users, then notifies merchants via email, enabling them to take preventive action against security vulnerabilities.
To access the dashboard, follow the steps below:
- In the VTEX Admin, go to Dashboards, or type Dashboards in the search bar.
- Under Security Monitor, click Security Monitor Dashboard.
Security Monitor displays the findings in three tabs based on their status:
In all tabs, you can:
Below, you will find specific details about the information available in each tab and their related actions.
Open
The Open tab displays the threats detected by the Security Monitor that have not yet been managed or snoozed.
The top bar displays the total number of findings and the number of threats by severity level (high, medium, or low).
The tab displays the full list of open findings in a table, from the most recent to the oldest:
| Column fields | Description |
|---|---|
| Finding | User email or application key related to the finding. |
| Type | Type of finding detected:
|
| Detected | Date the finding was detected. |
| Sensor | Sensor that detected the threat:
|
| Severity | Level of threat severity, determined by the impact or potential risk associated with the threat:
|
| Action menu ⋮ | Menu of possible actions for the finding: |
Managing findings
To manage a finding, follow the instructions below:
-
In the finding row, click the ⋮ menu.
-
Select
Manage.You will be redirected to the Users screen in Account Management to edit the roles associated with the specific user or application key.
Snoozing findings
To move a finding to the Snoozed tab, removing it temporarily from the Open tab, follow the instructions below:
- In the finding row, click the ⋮ menu.
- Select
Snooze. - Choose the number of days you want the finding to remain in the Snoozed tab. The options available are: 7, 90, or 120 days.
- Click
Snooze.
Snoozed
The Snoozed tab lists the findings that have been snoozed in a table, with the same information as described in the Open tab.
In the Snoozed tab, the actions menu in each finding's row only displays the Unsooze option, which allows you to undo the snooze action and send the finding back to the Open tab.
Closed
The Closed tab displays a list of findings that have been managed and are therefore closed. It displays the following information in a table:
| Column fields | Description |
|---|---|
| Finding | User email or application key related to the finding. |
| Type | Type of finding detected:
|
| Detected | Date the finding was detected. |
| Closed | Date the finding was closed. |
| Closed By | Indicates that the finding was automatically closed after being managed by an admin user. |
| Severity | Level of threat severity, determined by the impact or potential risk associated with the threat:
|
Searching for findings
In the search bar, enter the user's email address or the name of the application key to find related findings.
Filtering findings by type
By clicking Type , you can choose one of the finding types to filter the results displayed in the list. Click Apply to confirm the chosen filter, and the list will be updated.
Editing notification settings
To edit the admin users who will be notified about the findings, follow the steps below:
-
Click the gear button in the top right corner of the screen.
-
Enter the email address of the user that will receive notifications and press
Enter. Repeat this step for as many users as you want.To remove a user, click the
Xnext to their email. -
Click
Save.
