Apr 20, 2026 - Improved accuracy of rule-based filtering in Web Security Analytics

Web Security Analytics now provides more precise visibility into mitigated traffic by improving how security outcomes are attributed to individual rules. It now clearly distinguishes between two filtering modes:

• Filtering by requests which returns requests that match the selected filter conditions. Results can include requests that triggered not only the rules specified in your filter, but also additional rules, as long as at least one rule meets the filter conditions. This filtering mode allows you to see all data associated with the found requests in the Statistics view, as well as all additional rules that triggered on those requests displayed in the Samples view.
• Filtering by rules which returns requests for which the filter conditions are met within the same rule instance. Results include requests that match only those conditions that you set in the filter. In the Statistics view, widgets display data limited to the selected rule set. In the Samples view, you can still review the full request context for matching events, including any additional rules triggered for those requests.

As a single request can trigger multiple security rules, filtering at the request level can make it difficult to determine which rule contributed to a specific outcome. When you apply filtering by rules, results include only requests where a rule meets all selected rule-level filtering conditions. Learn more