Dynamic Defense

How to View Reporting

The AT&T Dynamic Defense Service provides reporting functionality to help administrators make informed decisions to enhance their network security and efficiency.

Reporting home screen

To reach the reporting page, navigate to Insights at the top navigation menu, then select Reports from the left-hand menu. Here you can view the following reports:

Application Traffic

Focuses on the most frequently used software applications used within an organization's network. This includes both legitimate business applications and potentially risky or unauthorized software. This report provides essential insights into the applications in use, their security implications, and ensures visibility for optimizing application security and network performance. 

Data Fields: 

  • Inbound or outbound view
  • Application
  • Usage Data
Top Detected Threats

Focuses on the Premium Threat Protection feature for premium users. This report shows threats detected by spyware, vulnerability and virus protection along with severity of the threat detected to give insights on potential threats to your network.

Data Fields:

  • #
  • Threat
  • Type
  • Severity
  • Application
  • Count
Top DD Shield Outbound Hits

Focuses on specific malicious objects that have been intentionally restricted or denied access within an organization's network based on AT&T Threat Intelligence. This report provides crucial insights into the content that has been blocked for security reasons by AT&T, helping to safeguard the network and protect against potential exfiltration.

Data Fields:

  • #
  • Source Address
  • Destination Address
  • Rule
  • Count
Top Countries Blocked Hits

Delves into the countries that have been restricted or denied access by an organization's network security infrastructure. This report provides crucial insights into the countries that are being actively blocked or filtered based on geo-location, offering a deeper understanding of potential security threats and illicit communication attempts. 

Data Fields:

  • #
  • Source Address
  • Country Source
  • Destination Address
  • Country Destination
  • Rule
  • Count
Top URL Categories Blocked

Focuses on the website categories and web content types that have been deliberately restricted or denied access within an organization's network. This report provides critical insights into the types of web resources that are deemed unsafe or non-compliant, aiding in the protection of network security and regulatory compliance. 

Data Fields:

  • #
  • Category
  • Count
Top Blocked URLs

Focuses on the specific web addresses and URLs that have been intentionally restricted or denied access within an organization's network. This report provides crucial insights into the URLs and web content that have been blocked for security and policy compliance reasons, helping to safeguard the network and protect against potential threats. 

Data Fields:

  • #
  • Category
  • URL
  • Count
Top DNS Categories Blocked

This report provides an overview of the types of DNS categories that were blocked and the frequency of these blocks. This information helps in understanding the nature of online threats being intercepted, ensuring enhanced security and compliance for your network.

Data Fields:

  • #
  • Category
  • Count
Top Blocked DNS Domains

This report provides an overview of the specific DNS domains that were blocked and the frequency of these blocks. This information helps in identifying problematic or malicious websites that are being intercepted, ensuring enhanced security and protection for your network.

Data Fields:

  • #
  • Domain
  • Count
Top Allow List Hits

Focuses on instances where network traffic or communication attempts have been permitted due to hits on various allow lists. Allow lists contain information about trusted entities, IP addresses, domains, or URLs that are authorized to access an organization's network or systems. This report provides critical insights into the sources of these block list hits, offering a deeper understanding of potential security threats and illicit communication attempts.

Data Fields:

  • #
  • Source Address
  • Destination Address
  • Rule
  • Count
Time Filtering

Time-based filtering allows administrators to precisely tailor their security insights by selecting from a range of time intervals, ensuring the most relevant data is available to make data driven decisions about their security posture.

Filtering Options include:

  • Last 24 hours
  • Last 7 days
  • Last 30 days
  • Custom date range
Time filtering for reports

Once you’ve specified the precise data you need, whether it’s from yesterday, last week, a specific day, or a particular week, simply export the reports to PDF format. This will empower administrators to share these critical insights with key stakeholders or further analyze the data outside of the Dynamic Defense portal.

Upon clicking the "Export" button, only the report showing will download. When the exporting has completed, you will find the Report within your downloads folder, and a notification of success or failure will populate within your notifications module.