Using CylancePROTECT Desktop reports
CylancePROTECT Desktop
reportsOn the menu bar, you can click Reports to view the following
CylancePROTECT Desktop
reports. The reports are interactive, allowing you to select pieces of data to view further details.Report | Description |
---|---|
CylancePROTECT overview | This report provides an executive summary of CylancePROTECT Desktop usage, including a count of zones and devices, the percentage of devices covered by auto-quarantine and memory protection, and summaries of threat events, memory violations, agent versions, and an offline count for CylancePROTECT Desktop devices. |
Threat event summary | This report shows the number of files identified as malware or potentially unwanted programs (PUPs) and includes a breakdown of specific sub-categories. The top ten lists for file owners and devices with threats display threat event counts for the malware, PUPs, and dual use threat families. |
Device summary | This report displays summary data for CylancePROTECT Desktop devices. |
Threat events | This report provides detailed data for threat events identified by the CylancePROTECT Desktop agent. |
Devices | This report displays a count of CylancePROTECT Desktop devices by OS. |
Reports display threats in an event-based manner. An event represents an individual instance of a threat. For example, if a particular file is in three different folder locations on a device, the threat event count will equal three. Reporting data is refreshed approximately every three minutes. You can export the CylancePROTECT overview, threat event summary, and device summary reports as a .png file, and the threat events and devices reports as a .csv file.
Retrieving threat data reports with a third-party application
You can also access and download detailed threat data reports using the URLs listed in the Threat Data Report section in Settings > Application. The URLs use a unique token that is generated by the management console and displayed in Settings > Application. You can delete and regenerate the token as necessary. Note that regenerating the token will make previous tokens invalid. If you want to use a third-party application to retrieve reports from these URLs, the application and the host OS must use:
- TLS 1.2