Normal 0 false false false EN-US X-NONE X-NONE
We would like to see more granular control over suspicious activity alerts. Currently, Websense aggregates hits to security risk websites, and alerts are configured to trigger on these aggregated numbers. Unfortunately, if the user visits security risk websites (directly or indirectly) within a large time period (e.g., 30 days), we cannot gauge persistency of the hits and draw correlations to a potential malware infection. In other words, having the capability of configuring an alert to only send notifications when the user visits suspicious websites within a specific time period; 10 visits to a high-risk URL within 2 minutes is much more important than 10 visits over 30 days without persistency.