Using CylancePROTECT Desktop reports
On the menu bar, you can click Reports to view the following
CylancePROTECT Desktopreports. The reports are interactive, allowing you to select pieces of data to view further details.
This report provides an executive summary of
CylancePROTECT Desktopusage, including a count of zones and devices, the percentage of devices covered by auto-quarantine and memory protection, and summaries of threat events, memory violations, agent versions, and an offline count for
Threat event summary
This report shows the number of files identified as malware or potentially unwanted programs (PUPs) and includes a breakdown of specific sub-categories. The top ten lists for file owners and devices with threats display threat event counts for the malware, PUPs, and dual use threat families.
This report displays summary data for
This report provides detailed data for threat events identified by the
This report displays a count of
CylancePROTECT Desktopdevices by OS.
Reports display threats in an event-based manner. An event represents an individual instance of a threat. For example, if a particular file is in three different folder locations on a device, the threat event count will equal three. Reporting data is refreshed approximately every three minutes. You can export the CylancePROTECT overview, threat event summary, and device summary reports as a .png file, and the threat events and devices reports as a .csv file.
Retrieving threat data reports with a third-party application
You can also access and download detailed threat data reports using the URLs listed in the Threat Data Report section in Settings > Application. The URLs use a unique token that is generated by the management console and displayed in Settings > Application. You can delete and regenerate the token as necessary. Note that regenerating the token will make previous tokens invalid. If you want to use a third-party application to retrieve reports from these URLs, the application and the host OS must use:
- TLS 1.2