Last week the new email design was presented. This week another improvement has been achieved. We switch from our 3-colored notifications to just 2-colors:

Red Alert (r-alert): As the name says, immediate action is required, because we are sure there is something wrong with your website.

Yellow Alert (y-alert): We think this is suspicious and you should definitely have a look at it. But probably there is no immediate action required.

Yellow alerts contain valuable information about soon expiring TLS certificates, outdated applications where currently no vulnerability are known publicly, and much more. These are all issues that don’t require immediate action, but give you the time to coordinate measures to resolve them before they get worse.

The now “old” alert system

Before the switch we had three alert categories and colors: roy-alert-old

Red Alert: Our “High severity risk” is the same as the new one and will only show up in case something severe happened.

Orange Alert: “Medium severity, medium risk” was (re-)moved but only for the color. These alerts are now placed as yellow alerts.

Yellow Alert: “Notifications” before, were tracking file activity, and not really suspicious changes on websites. We removed this category once and for all, as they created more confusion than useful information.

Why did we change it?

nimbusec is a monitoring service, and one of the best of its kind. We aim to notify the website owner when something happened with a monitored website, but we don’t want to generate unwanted noise. To be able to focus more on which changes on websites really matter, we cut down the notifications drastically. At the same time we give the customer an easier option to configure the alert chain.

Recommendation about notifications

I, personally, like to be notified for all events, when they occur on the website. But to be realistic and honest: for the busy people out there I recommend to setup text-messaging and mail notification on red alerts and have a look in the portal once or twice a week to cover also the yellow alerts.

And of course there are our digest mails. So once a day I can receive a mail that gives me an overview over all my monitored domains, including the amount of alerts which are visible in the portal right now.


With this information I can easily decide if I should have a closer look at the messages in the nimbusec portal and take action.

Getting things done

To sum it up: With the new mail design and restructured alert categories, monitoring your websites got even faster and easier than before. Give it a chance today and check your notification-settings in the portal.

If there are open questions or things you think can be improved with your workflow give us a hint here, @facebook, #twitter or by mail ^^