Web Activity Report

Monitor Web Traffic, Blocked URLs, and Browsing Behavior Across Your Organization.

The Web Activity Report gives administrators a real-time, granular view of every URL accessed and blocked across the organization. It surfaces total URLs accessed, total URLs blocked, URL categories, user identities, device details, and access timestamps in a single filterable dashboard, giving security teams complete visibility into web browsing behavior without needing to switch between multiple tools.

Blocked URLs are highlighted immediately in the report and appear in the URL blocked category summary at the top, enabling administrators to quickly assess which categories of web content are being blocked most frequently and identify users or devices generating the highest volume of policy violations.

The Web Activity Report is a real-time log of all web traffic monitored by Zaperon's Secure Web Gateway. It captures every URL access attempt across the organization, including the user, URL, domain, category, activity status, device type, device location, and timestamp, giving administrators complete context for every web browsing event.

In a Zero Trust security framework, controlling and monitoring web access is a critical layer of defense. Zaperon's Secure Web Gateway evaluates every web request against defined policies and the Web Activity Report gives administrators the visibility to confirm that those policies are working, investigate violations, and respond to threats originating from web-based activity.

• Complete Web Traffic Visibility: Monitor every URL accessed and blocked across the organization in real time, including category breakdowns and per-user activity

• Instant Blocked URL Detection: Blocked URLs are surfaced immediately with category context, enabling rapid identification of policy violations and risky browsing patterns

• User and Device Context: Every web access event includes the user identity, device type, IP address, and location, providing full context for investigation and enforcement

• Shadow IT Detection: Identify employees accessing unsanctioned SaaS tools and web applications through web traffic monitoring before they create a security or compliance risk

• Policy Enforcement Validation: Confirm that Secure Web Gateway policies are correctly blocking malicious domains, restricted categories, and unauthorized web destinations

• Compliance Readiness: Maintain a detailed, auditable record of all web activity across the organization to support governance and regulatory compliance requirements

• Detecting Malicious Domain Access

Identify users attempting to access known malicious, phishing, or command-and-control domains. The Web Activity Report surfaces these attempts with full user and device context, enabling security teams to investigate immediately and strengthen Secure Web Gateway policies to prevent future access.

• Monitoring Shadow IT Through Web Traffic

Employees using unsanctioned SaaS tools often access them through web browsers, making web traffic monitoring a powerful Shadow IT detection layer. The Web Activity Report identifies access to unauthorized web-based applications by category and domain, enabling administrators to take enforcement action before sensitive data is exposed.

• Enforcing Acceptable Use Policies

Track and enforce organizational acceptable use policies by monitoring access to restricted web categories such as social networking, brokerage and trading, job search platforms, and other non-work-related destinations. Administrators can review category-level summaries and drill down to individual user activity for targeted enforcement.

• Investigating Web-Based Security Incidents

When a security incident involves web activity, the Web Activity Report provides the exact URL, domain, category, user, device, location, and timestamp needed to reconstruct the event. This accelerates incident response and supports forensic investigation without requiring additional tooling.

• Validating Secure Web Gateway Policy Effectiveness

Review blocked URL counts and category breakdowns to assess whether Secure Web Gateway policies are blocking the right traffic. Identify gaps where risky categories are being accessed without restriction and refine policies accordingly. Refer to Manage Secure Web Gateway Policies for configuration guidance.

To ensure web activity events appear in this report:

• Secure Web Gateway must be configured and active under Manage Secure Web Gateway Policies

• Users must be onboarded using Standard Onboarding or Pre-Provisioned Onboarding

• Zaperon agent or connector must be installed and communicating on user devices

Note:  The report displays web activity data for the last 24 hours by default. Use the filter dropdown to view data for weekly or monthly periods.

Note: Use the filter dropdown to view data for the last 24 hours, weekly, or monthly periods. Zaperon retains web activity reports data for up to 6 months.

Download web activity logs for audits, compliance reviews, or offline analysis.

Use Export CSV on the Web Activity page to select a time range and export the report. Exported data can be used for compliance audits or SIEM integrations. → Refer to Exporting a Report.

The Web Activity Report gives security and IT teams real-time visibility into every web access and blocked URL event across the organization. By surfacing user, device, domain, and category context for every web request, Zaperon enables teams to detect risky browsing behavior, validate Secure Web Gateway policy enforcement, investigate web-based incidents, and maintain continuous compliance readiness across the organization.