# DDoS Dashboard The DDoS Dashboard offers centralized, real-time visibility into Distributed Denial of Service (DDoS) activity targeting your applications and APIs. It enables security teams to quickly assess the scope, behavior, and progression of ongoing and past attacks. {% hint style="info" %} DDoS Protection is available for CloudGuard WAF SaaS. It is not available with other local (Gateway, Agent) editions of the product. {% endhint %}
Following is a description of the Dashboard sections: | Section | Description | | ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Recent Attacks | Displays a timeline of detected DDoS attacks, including start time, status (e.g., ongoing or resolved), and affected domains. Users can select an event to drill down into detailed telemetry. | | Top Source IP Addresses | Lists the IPs responsible for the most traffic during an attack. This helps identify major attack sources or botnet activity. Visual bars help compare relative impact. | | Top Destination URLs | Shows the application endpoints most frequently targeted by DDoS traffic, helping to pinpoint abuse patterns [#ddos-dashboard](#ddos-dashboard "mention") | | Top Referrers | Identifies external referrer domains linked to attack traffic. This can highlight misused third-party websites or coordinated bot campaigns. | | Top User Agents | Displays the most common User-Agent headers observed during an attack, revealing whether bots are spoofing browser or device signatures. | | Top Source Countries | Visualizes geographic origin of traffic in a chart, indicating which regions are contributing to the attack load. Useful for geolocation-based defense strategies. | See also: {% content-ref url="../../concepts/ddos-protection" %} [ddos-protection](https://waf-doc.inext.checkpoint.com/concepts/ddos-protection) {% endcontent-ref %}