Speedbump
Speedbump adds an extra authentication layer to important activities performed in the Analyst Portal. CSAP administrators can configure preferences to mandate analysts to verify the alert through an authentication and confirmation pop-up before they publish it.
Enable and Configure Speedbump
You can configure speedbump preferences to enable speedbump for important activities such as alert publish.
Before you Start
You must have the View and Create/Update permissions for the Settings feature.
Steps
Navigate to Management > Settings > Other Settings > Speedbump.
Enable speedbump using the Enable Speedbump toggle on the top-right corner. This displays the status as Enabled near the speedbump title.
Click Edit to configure speedbump preferences.
Select Conditions and specify the conditions for using speedbump. See Speedbump Conditions.
Click Save and Proceed.
Select Authentication and specify the authentication method for the speedbump. See Speedbump Authentication Methods.
Click Save and Enable to save speedbump configuration. You can also use Save as Draft to enable the configuration later.
Speedbump Conditions
Speedbump pop-up can be enabled for alerts based on defined conditions. The conditions are detailed below.
Admin Activities Conditions
You can configure your preferences to automatically enable the speedbump authentication pop-up when admins attempt to make changes in the following modules.
Module | Speedbump Condition |
|---|---|
User Management |
|
Settings |
|
Integrations |
|
Configurations |
|
Alert Conditions
You can configure your preferences to automatically enable the speedbump authentication pop-up based on details provided in the alert.
Alert Component | Speedbump Condition |
|---|---|
For Alerts with TLP | Enable speedbump authentication based on TLP. For example, analysts must enter the last 4 digits of their phone number for alerts with Red TLP. |
For Alerts with Categories | Enable speedbump authentication based on categories selected while creating alerts. |
When number of Indicators are more than | Enable speedbump authentication based on the number of threat indicators in an alert. |
Percentage of Recipients out of total Members | Enable speedbump authentication based on the recipient count. For example, enter the OTP sent to the phone if the alert is to be sent to more than x% of users. |
Alert Includes
You can configure your preferences to automatically enable the speedbump authentication pop-up based on the following alert content inclusions.
Inclusion | Speedbump Condition |
|---|---|
Attachments | Enable speedbump authentication if the alert content contains attachments. |
Threat Assessment | Enable Speedbump authentication if the alert content contains threat assessment. |
Conference Call | Enable speedbump authentication if the alert content contains a conference call link. |
Mobile Push Notification | Enable speedbump authentication if the mobile push notification option is enabled for the alert. |
Email Notification | Enable speedbump authentication if the email notification option is enabled for the alert. |
Crisis Notification | Enable speedbump authentication if the alert is a crisis notification. |
Speedbump Authentication Methods
Different authentication methods can be configured for verification when speedbump is enabled. The following methods can be enabled.
Verification Method | User Activity |
|---|---|
OTP to the Registered Email ID | Users will receive a One Time Password (OTP) on their registered emails to authorize speedbump confirmation. |
OTP to the Registered Phone Number | Users will receive One Time Password (OTP) on their registered mobile numbers to authorize speedbump confirmation. |
Last 4 digits of the Registered Phone Number | Users must enter the last four digits of their registered mobile number emails to authorize speedbump confirmation. |
Show a reCAPTCHA | Users must enter the displayed reCAPTCHA to authorize speedbump confirmation. |