Security Dashboard
Monitor security events and maintain platform integrity
The Security Dashboard provides comprehensive visibility into security-related events, access patterns, and potential threats. This guide explains how to use security features effectively.
Dashboard Overview
Accessing Security Dashboard:
Admin → Analytics → Security
Dashboard Panels:
| Panel | Shows |
|---|---|
| Activity Overview | Login attempts, actions |
| Threat Detection | Suspicious patterns |
| Access Logs | Who accessed what |
| Rate Limiting | Blocked requests |
| Audit Trail | Admin actions |
Time Range:
- Last 24 hours (default)
- Last 7 days
- Last 30 days
- Custom range
Authentication Monitoring
Login Activity:
Metrics Tracked:
- Successful logins
- Failed login attempts
- Password reset requests
- Session creations
- Session expirations
Login Alerts:
| Alert Type | Trigger |
|---|---|
| Brute Force | 5+ failed attempts |
| Unusual Location | New geography |
| Concurrent Sessions | Multiple devices |
| After Hours | Outside normal times |
Viewing Login Details:
- Click on login event
- See user, time, IP, device
- View location (if available)
- Check success/failure reason
Failed Login Analysis:
- Identify attack patterns
- Check if targeting specific users
- Review IP addresses involved
Audit Logging
What Gets Logged:
User Actions:
- Idea submissions
- Vote allocations
- Comment posts
- Profile changes
- Product access
Admin Actions:
- User modifications
- Product changes
- Access grant/revoke
- Moderation actions
- Settings changes
System Events:
- API calls
- Rate limit hits
- Error occurrences
- Integration syncs
Audit Log Fields:
| Field | Description |
|---|---|
| Timestamp | When it happened |
| User | Who performed action |
| Action | What was done |
| Resource | What was affected |
| Details | Additional context |
| IP Address | Source IP |
Rate Limiting
Understanding Rate Limits:
Rate limiting protects against abuse by restricting request frequency.
Default Limits:
| Action | Limit | Window |
|---|---|---|
| Login attempts | 5 | 15 min |
| Idea submissions | 10 | 1 hour |
| Votes | 50 | 1 hour |
| Comments | 20 | 1 hour |
| API calls | 100 | 1 min |
Rate Limit Dashboard:
- Current limit status per user
- Blocked request count
- Top rate-limited users
- Limit triggers over time
Adjusting Limits:
- Go to Settings → Security → Rate Limits
- Select the action type
- Modify limit and window
- Apply changes
Exceptions:
- Create exceptions for trusted users
- API keys can have custom limits
Threat Detection
Automatic Detection:
Detected Patterns:
- Credential stuffing attempts
- Automated bot activity
- Unusual voting patterns
- Comment spam campaigns
- Data scraping attempts
Alert Severity:
| Level | Response |
|---|---|
| Critical | Immediate action |
| High | Review within hour |
| Medium | Review within day |
| Low | Weekly review |
Responding to Threats:
- Click alert in dashboard
- Review affected users/resources
- Check related events
- Take appropriate action:
- Block IP address
- Suspend user
- Enable CAPTCHA
- Notify affected users
Access Reports
User Access Report:
Who has access to what products.
Generating Report:
- Go to Security → Reports → Access
- Select scope (all or specific product)
- Choose format (view, CSV, PDF)
- Generate
Report Contents:
- User list with roles
- Product access per user
- Grant source (direct, group, role)
- Last access date
- Grant expiration
Permission Audit:
- Compare actual vs expected access
- Identify over-provisioned users
- Find unused access grants
- Verify role assignments
Recommended Schedule:
- Monthly access review
- Quarterly permission audit
- Annual comprehensive review
Session Management
Active Sessions:
View all current user sessions.
Session Information:
| Field | Description |
|---|---|
| User | Session owner |
| Created | When started |
| Last Active | Recent activity |
| Device | Browser/app info |
| IP Address | Connection source |
| Location | Geographic location |
Session Actions:
- View: See session details
- Terminate: End single session
- Terminate All: End all user sessions
Security Use Cases:
- Terminate compromised sessions
- Force re-authentication
- Investigate suspicious activity
- Support user lockouts
Session Policies:
- Maximum session duration
- Idle timeout settings
- Concurrent session limits
- Device trust settings
Security Settings
Configuration Options:
Authentication:
- Password requirements
- Two-factor authentication
- Session timeout
- Login attempt limits
Access Control:
- IP allowlisting
- Geo-blocking
- Time-based access
- Device restrictions
Data Protection:
- Encryption settings
- Data retention policies
- Export controls
- PII handling
Monitoring:
- Alert thresholds
- Notification recipients
- Log retention
- Integration with SIEM
Best Practices:
✓ Enable 2FA for admins
✓ Set strong password policy
✓ Configure session timeouts
✓ Review logs regularly
✓ Keep audit trails long-term
Incident Response
Security Incident Workflow:
1. Detection:
- Dashboard alert
- User report
- Monitoring trigger
- External notification
2. Assessment:
- Determine scope
- Identify affected users
- Assess data exposure
- Classify severity
3. Containment:
- Disable compromised accounts
- Block suspicious IPs
- Terminate sessions
- Preserve evidence
4. Resolution:
- Fix vulnerability
- Reset credentials
- Restore services
- Verify fix
5. Recovery:
- Communicate with users
- Document incident
- Update procedures
- Implement improvements
Incident Documentation:
Use Security → Incidents to log and track security events with full timeline and resolution notes.