> ## Documentation Index
> Fetch the complete documentation index at: https://docs.metlo.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Attack Detection

Metlo builds a baseline model of how your API generally behaves and is able to catch any anomalous traffic that may
be an attacker doing reconnaissance or exploiting a 0-Day vulnerability. Metlo Protection detects and blocks attacks like:

* SQL Injection
* Cross-Site Scripting
* Server-Side Request Forgery
* Remote Command Execution
* Directory Traversal
* GraphQL Introspection
* High rates of 401 errors

For any bad actors that are detected, you can easily view information such as when they were detected, their geolocation, and
a timeline of events that were flagged for that actor.

<img src="https://mintcdn.com/metlo/bLaSw1tiF6Fz1nHn/images/protection/attack-overview.png?fit=max&auto=format&n=bLaSw1tiF6Fz1nHn&q=85&s=27e0e4ecc30eea609c824c0ed15cb6ff" alt="3808" width="3680" height="2382" data-path="images/protection/attack-overview.png" />

### Detections

You can also build your own detections to customize how and what Metlo flags as an attack.

<img src="https://mintcdn.com/metlo/bLaSw1tiF6Fz1nHn/images/protection/detection-editor.png?fit=max&auto=format&n=bLaSw1tiF6Fz1nHn&q=85&s=374b7594944ca75696941ec8e4065c42" alt="3808" width="3680" height="2382" data-path="images/protection/detection-editor.png" />