How does Syspeace know when to block something, and for how long to block?

Syspeace detects login attempts, and looks for patterns in them based on rules for each type of login attempt. A rule may be “if you find 5 login failures within 30 minutes, block them for 2 hours”. Beyond this pattern, the rule may also narrow the scope, for example: “if the username was ‘test'”.

You have full control over the rules. Multiple rules can be active at once and will be evaluated in order of priority – top to bottom.

The first rule where a match will be found wins, not necessarily the rule with the longest blocking duration.

Previous How does Syspeace differ from other kinds of software security? Can I uninstall my anti-virus software now?
Next How does the block actually happen?
Table of Contents
top