The analytics page contains various graphs and charts representing different detections Cymatic has made related to your user base and how they are interacting with your web application. In this guide, we will cover what the different graphs on this page represent.

In the upper right hand corner, there is a dropdown that allows you to define the search time period. The options range anywhere from the last day up to the last three months. The default filter is set to the last day. This time filter is a global filter for this page. If you would like to define a unique time filter for an individual section, that is possible in the upper right hand corner of the respective container. Please note that this filter selection will override what is selected for the global filter.

Also in the upper right hand corner is a dropdown that allows you to change between anonymous and verified traffic. Anonymous will show data for interactions with your web app that occur with an entity that has not authenticated, while verified will present data of accounts that have authenticated.

Each widgets has a download button. When clicked, you will need to select either CSV or PDF format for the download. This will export the data shown in the format selected based on the current selected time filter.

Each section has two widgets. The first one can be toggled between analysis and trending view. Analysis view will present a bar graph for the different timeframes within the reporting period, while switching to trending will show a gradual line graph to assist with showing the trending risks over time your web app is exposed to. The second widget displays a pie chart for the overall summary of the section.

For the analysis, trending, and summary charts, the charts will contain different data sets that can be toggled on or off. For example, the risk overview section contains bots, risky IPs, weak passwords, dark web usernames, and dark web passwords. If you would only like to see bots and dark web passwords in the graph, clicking on risky IPs, weak passwords, and dark web usernames will remove them from the graph. This can be done for the other values as desired.

Risk overview
The risk overview section provides a quick view into the overall threat landscape of your web app. It takes all other analytics available on this page and combines them into a singular view. If you are new to Cymatic, or just want a real quick view into your threat surface, this is a great place to start.

Any and all bot activity detected will be displayed in this section. In order for a bot detection to show up here, bot detection needs to be enabled. To enable bot detection, please refer to the settings guide.

In this section, IP addresses that connect to your web app fall into one of two categories; risky or safe. Also shown is a geographical breakdown of the top countries the risky IP addresses originate from.

Password strength
Password strength is currently based on the NIST SP 800-63B standard. The strength of the passwords presented for authentication are represented here.

Usernames on the dark web
Usernames used for authentication are categorized as either safe or risky. If the username is found on the dark web, it will be categorized as a risk.

Passwords on the dark web
Passwords used for authentication are categorized as either safe or risky. If the password is found on the dark web, it will be categorized as a risk. Remember that although the password may pass the password strength standards, if it is found on the dark web, the password still presents a risk to your web application.
Was this article helpful?
Thank you!