You have the ability for us to create predefined lists, like a list of IPs we wish to block.
It will be great if you will enable us to add, manually, an IP, directly from the Firewall Events page - to an existing list.
This will be the quickest way to better our security - from log to block.
Even better, if we can create a simple rule that will do this automatically. I am very simplifying here, but I guess you will know how to realize this - that if an IP was blocked more than X times in the last Y (minutes/hours) - place it in the list of Z. Or if it reached a security risk grade of A (because it was in an IP reputation list, because it was challenged, etc.).
You can also add an option to take an IP out of a list, using an automating rule, if it didn’t reach a specific threshold in a specific time frame.
And of course, any of these actions, manual or automatic - will be documented in the CF audit log.