Brand Protection

Detections

  • Details View: shows the priority logo (Priority Section), which indicates the priority level of the detection, followed by the link to the threat/detection.
    • The possible priority logos are:
      • Low Priority
      • Medium Priority
      • High Priority
      • Critical Priority
      • Urgent Priority
    • Classification: shows the classification of the threat, i.e. the type of threat.
    • Status: the current status of the detection, i.e. what action we are taking on this detection.
    • Description: details about the detection: what exactly they are doing and how it can be a threat to your org.
    • Reason: explains why the detection has its current status.
    • Upload File: you can also upload files related to this detection.
    • How a detection is created:
      •   identifier?: string;
          url?: string;
          org?: string;
          id?: string;
          value?: string;
          threatScore?: number;
          meta?: any;
          source?: string;
          keyword?: string;
          description?: string;
          attr?: any;
          timestamp?: {
            created?: number;
            updated?: number;
          };
  • Additional Details and Intelligence: all other details available about the detection. These fields are optional, so not all of them may be available for a given detection, and depending on the detection, more relevant fields may be present.
    • "picture": "https://cdn11.bigcommerce.com/s-ilgxsy4t82/images/stencil/608x608/products/18538/23817/71mKVtbsMnL__47973.1656704261.jpg?c=1",
      "name": "Neutrogena Clear Face Liquid Lotion Sunscreen , 3 fl. oz",
      "seller_name": "Neutrogena",
      "unit_sold": "3 fl. oz",
      "total_reviews": "No reviews yet",
      "platform": "kiwla.com",
      "country": "USA",
      "city": null,
      "seller_address": null,
      "email": null,
      "platform_licence_number": null,
      "gst": null,
      "product_type": "Sunscreen",
      "distribution_channel": "Online",
      "original_brand": "Neutrogena",
      "product_rating": null,
      "product_price": "₹4,395.00"
    • You can also update and add attributes in the Intelligence section.
  • Tags: shows the different types of tags/statuses related to this detection.
    • tagsObj?:{
        "severity": "urgent",
        "source": "clean",
        "status": "on_hold",
        "priority": "high",
        "classificationStatus": "done",
        "autoClassifyConfidence": "high",
        "classificationMethod": "ai_auto",
        "classification": "phishing",
        "infringement": "credential_harvesting_attack"
      },
  • Quick Links:
    • If this is a potential asset: shows only "accept as an assets" or "reject".
    • Else:
      • If it is classifiable and you have permission, you will see all the action buttons, such as "set status", "request take down", "mark as resolved", "Reclassify Detection" and "False positive".

      • Maximum Severity: shows the priority. Clicking that button lets you change the priority of the threat. The available priorities are:

        • Low Priority
        • Medium Priority
        • High Priority
        • Critical Priority
        • Urgent Priority
      • It also has an "Escalate to" button. I don't know how this works or what it is.

        My guess: it is used to set the priority of the threat to some specific level.

      • Clicking these buttons updates the tags of the detection:

        • mark as resolved: status:resolved
        • False positive: status:false_positive
        • update severity: severity:"the value the user chose"
        • Request takedown: status:takedown_in_progress
        • add to asset: status:whitelisted
  • Auto-Classifications: this can be in two states:
    • Not Classified: shows just a trigger button "Run AI classification"
    • How we classify:
      • The backend accepts the detection ID as input.
      • The function classifies only if the input is a detection.
      • AI generates a classification for the detection based on some criteria. The AI also gives a confidence score for the classification, which we compare with the predefined CONFIDENCE_THRESHOLD=80:
        • if confidence score > CONFIDENCE_THRESHOLD: the infringement is added to the result.
        • else: the result is returned, but the infringement is not shown.
    • Classified: shows the confidence score, the predicted classification and the infringement (if present)
      • pending acceptance: shows a "re-classification" button and an "accept" button
      • accept a classification:
        • The backend accepts the detection ID and an optional classificationResponseID as input.
        • It validates the input and gets the latest AI/Intelligent Classification.
        • It then updates the existing tags regardless of the confidence score, because the classification has been approved by a human, and also sets classificationStatus to "Done" and classificationMethod to "ai_accepted".
        • It updates the detection and the original AI classification and marks it as "accepted".
        • It audits the logs and returns.
      • rejected: shows the current classification
    • On click, you can see the full breakdown of the classification, such as "Classification Reasoning", "Question Responses", etc.
  • AI Overview: shows an AI summary of the threat and classification. The classification overview gives you a summary of the classification. This has three parts:
    • Using a custom prompt (provided by the user): the user provides the prompt and the AI responds accordingly.
    • General analysis (no prompt from the user): the AI analyses your data based on the tags shown above, focusing on "Critical data patterns", "Most urgent insights and trends" and "High-priority risks", and gives you the following:
      • analysis: brief analysis of critical findings,
      • recommendations: top 3 most urgent recommendations
      • confidence score
      • priority level
      • top 3 immediate actions you can take
    • remediation:
  • Impact Assessment: your business impact and risk evaluation for this threat.
  • Collaboration: you can add tasks and comment activity to let us know what we have to do.
    • Tasks:
      • View all tasks: fetches the task by its ID, joins it with the notification name and returns the result as a cleaned-up array
      • add task:
        • fetches the user's organization, generates a unique task ID, and sets the due date to the very end of the day
        • builds a complete task object by merging the input data with metadata, timestamps, and default values (like status '0').
        • then inserts the task into the database and triggers an audit log to track the creation event before returning the results.
      • update task:
        • fetches the task by ID and throws an "Invalid ID" error if it doesn't exist
        • prepares the update object, specifically setting a "completionDate" timestamp if the status is marked as '5' (Completed).
        • Audit the log and save it to the DB.
  • Correspondence Timeline:
    • The backend accepts "action", "key", "value" and "keysToExclude" as input.
    • First, the action field is normalized.
    • The query is then formatted, and finally the logs are returned from the database.
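
The auto-classification gate and the human accept step described under Auto-Classifications, as an added example that is not the product's own code. Apart from CONFIDENCE_THRESHOLD and the tag keys shown on this page, every type and function name is hypothetical, and choosing the response by ID or else the latest one is an assumed reading of the accept step.

```typescript
// Added example; all names except CONFIDENCE_THRESHOLD and the tag keys are hypothetical.
const CONFIDENCE_THRESHOLD = 80; // value stated on the page

interface AiResult {
  id: string;
  classification: string;
  infringement: string;
  confidence: number; // 0-100 (assumed scale)
  accepted?: boolean;
}
interface DetectionRecord {
  id: string;
  isDetection: boolean; // false for non-detection records (assumed flag)
  tagsObj: Record<string, string>;
}

// Auto-classification: refuse non-detections, and expose the infringement
// only when the confidence is strictly above the threshold.
function gateClassification(det: DetectionRecord, ai: AiResult) {
  if (!det.isDetection) throw new Error("not a detection");
  const out: { classification: string; confidence: number; infringement?: string } = {
    classification: ai.classification,
    confidence: ai.confidence,
  };
  if (ai.confidence > CONFIDENCE_THRESHOLD) out.infringement = ai.infringement;
  return out;
}

// Human acceptance: tags are overwritten regardless of confidence, the AI
// result is marked accepted, and an audit entry is recorded.
function acceptClassification(
  det: DetectionRecord, history: AiResult[], responseId?: string, audit: string[] = [],
): Record<string, string> {
  // Assumption: use the named response if given, otherwise the latest one.
  const ai = responseId ? history.find((r) => r.id === responseId) : history[history.length - 1];
  if (!ai) throw new Error("no classification to accept");
  det.tagsObj = {
    ...det.tagsObj,
    classification: ai.classification,
    infringement: ai.infringement,
    classificationStatus: "done", // lower case, as in the sample tagsObj
    classificationMethod: "ai_accepted",
  };
  ai.accepted = true;
  audit.push(`accepted ${ai.id} for detection ${det.id}`);
  return det.tagsObj;
}
```

A score of exactly 80 does not pass the gate, yet the same result can still be written to the tags once a human accepts it.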