CylanceGUARDDashboard page has an interactive layout that visually displays the various types of alerts that were escalated in your organization, as well as top threats by alert type or target.
The new interactive dashboard is currently available as a beta preview. You can switch between the new and original dashboard until the upcoming general release of the new dashboard.
You can set the timeframe to limit the data that is presented on the dashboard. For example, you can limit the data to the last 24 hours so that you only view a list of escalations that occurred in that timeframe. If you manage multiple child organizations, you can also limit the results to specific organizations. These settings can be found on the top right of the Dashboard page.
The following alert metrics are displayed in the dashboard:
- Open Escalations: View a list of open escalations that might require your attention, such as those with critical and high severity. You can click on an alert to quickly jump to its details.
- Escalations: View a graph of escalations to see the ratio of unresolved threats by severity, as well as threats that were already resolved. You can click on parts of this widget to view a list of all open escalations, or view a list of open escalations of a specific severity.
- Average MTTR (Analyst Efficiency): View the average time for analysts to escalate and close alerts in the last 30 days.
- Devices Targeted: View the number of devices that were targeted.
- Alert Status: View the status of overall alerts by severity.
- Threat Source Heat Map: View a map of threat sources to understand where attacks are originating from. You can click the numbers that appear on the map to see the severity of threats for each geographic area.
- Top Alert Types: View the top alert types to see the alert types (such as memory exploit attempts, script control threats, and network threats) that are reported most frequently in your organization.
- Top Scripts Convicted: View the top scripts to see the scripts that are run the most often in your organization that are also generating alerts. Hover over a script in the list to see the full directory path to the script.
- Top Targeted Processes: View the top targeted processes to see the processes that are most often targeted by threats.
- Top Targeted Devices: View the top targeted devices to see the devices that are generating the most alerts.