Zuora System Health dashboard for Hosted Payment Method Pages (HPM Threat Detection dashboard) collects and displays HPM traffic and threat data, as well as security settings configured for each hosted payment page. In the HPM Threat Detection dashboard, data about hosted payment pages on your Zuora tenant within a time range are available for you to detect attacks and other issues and then troubleshoot.
This topic contains the following information about the HPM Threat Detection dashboard:
- How to access the dashboard
- How to filter, view, and drill down the data in the dashboard
- Definition of the HPM Threat Detection metrics
For more information about the System Health feature, see Zuora System Health.
For more information, see Zuora System Health prerequisites.
Access the HPM Threat Detection dashboard
To access the HPM Threat Detection dashboard, navigate to Administration > System Health > HPM Threat Detection in the left navigation menu.
View data in the HPM Threat Detection dashboard
If the overall HPM threat status is under attack, a Warning icon is displayed next to the dashboard title. The dashboard contains three tabs that display the attack, page submission traffic, and security setting data separately. Take the following steps to view and drill down the data. For more information about the metrics, see HPM Threat Detection metrics.
- Navigate through the Overview, Pages, and Settings tabs to understand the following information:
- On the Overview tab, understand the abnormal behaviors leading to the attack and the pages that are impacted.
- On the Pages tab, understand how the attack happened.
- On the Settings tab, check your current security configuration and Zuora’s recommendations.
- After opening a tab, configure the filter. You can customize the data to be displayed by defining the filter criteria. Click Filters in the upper right of the page, and then use either Timeframe or the combination of Start Time and End Time to define a time range for the data.
- On each tab, get drill-down information with the following methods:
- Hover over the chart to view data of a specific data point.
- In the Attack Factors chart, you can click the chart to drill down into a data point. To restore the chart to the default level, click Reset in the Attack Factors chart area.
- On each tab, get the information for each hosted payment page in the table view.
- Sort the table by clicking any of the column headers to quickly find the pages you want to look into.
- If the page name in the table is clickable, click it to open the preview page of the hosted payment page.
- Download the data in the table by clicking the download icon in the upper right of the table.
HPM Threat Detection metrics
The following table provides descriptions of the HPM Threat Detection metrics.
The following four cards at the top of the dashboard indicate the overall HPM threat status of your tenant:
The metrics presented in the Attack Factors chart provide further information about the threat status. See the following “Attack Factors” section for more information.
On the Overview tab, the Attack Factors chart presents the change in values of the following factors within a time range, compared with the historical average value of each factor. The value on the vertical axis shows, at a certain time, how many percentages a factor's value is higher or lower than its historical average.
The table below the chart also presents the values of Submit Page Count and Submit Page Failure Rate for each hosted payment page. The Under Attack value indicates the HPM threat status of your page. Yes indicates your page is under attack.
On the Overview tab, the Attack Patterns card presents the following metrics to help you detect possible attack patterns. By default, six metrics are displayed on the card. Click View All to see all the following metrics in a pop-up window:
Page Submit Requests
On the Pages tab, the Page Submit Requests chart presents the following metrics for each hosted payment page:
The table below the chart presents the following metrics for each hosted payment page:
On the Settings tab, the configuration data of the following security settings for each hosted payment page are presented:
Recommended actions for securing each hosted payment page are also provided.
For more information about these settings, see Secure your Payment Pages 2.0 integration with Zuora security measures.
Note that you can configure notifications based on threats caused by card attacks or page attacks. For more information, see Standard events for Zuora Central Platform.
Subscribe to the HPM Threat Report
You can subscribe to the HPM Threat Report to help you timely detect bot attacks that happened on your hosted payment pages. The following information is included in the report:
- Bot attack patterns
- Security settings during the attack
- Recommended actions
The HPM Threat Report is available for only Production environments.
To subscribe to the report, complete the following steps:
- On the HPM Threat Detection page, click HPM Threat Report in the upper right of the page.
- If you want to see a sample report, click Preview. A sample report will open in a dialog.
- In the HPM Threat Report dropdown list, click Subscribe.
- In the dialog asking for your confirmation about the report subscription, click Yes.
A report will be sent to the work email of the current user when possible bot attacks are detected. To verify the work email address that will receive the HPM Threat Report, complete the following steps:
- Click your username in the upper right, and then click Profile.
- On the Personal Settings page, click Manage Your Profile. The email address in the Work Email field will receive the report.
If you want to cancel your subscription to the report, click HPM Threat Report and then click Unsubscribe.