The Dashboard shows the following graphs:
- Affected Endpoints
- Average Incidents Rate
- Mean Time To Detect
- Mean Time To Respond
- Mean Time To Remediate
- Analyst Allocation by Incident Types
- Average Late Incidents
- ROI – Rate of Interest
Affected Endpoints
The Affected Endpoints Graph displays the number of affected endpoints for the selected period, either one week, one month, or three months. By default, the period is three months.
The graph is clickable. Clicking it takes the user to the Incident List Page, which lists the affected endpoints for the period selected on the graph.
Average Incidents Rate
The Average Incidents Rate Graph shows the incident rate for incoming and closed incidents over a period of one week, one month, or three months. Incoming incidents are counted by their creation time and closed incidents by their closed time.
For the three-month selection, the graph shows cumulative incidents created and closed per month, starting from the last month. If the current month is March 2022, the graph shows data for December 2021, January 2022, and February 2022.
For the one-month selection, the graph shows the incidents created and closed per week for the last four weeks (28 days), starting from the day before the current date.
For the one-week selection, the graph shows the incidents created and closed per day for the last seven days, starting from the day before the current day.
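The period windows described above, as an added Python example (not code from the product). It assumes week buckets are consecutive seven-day blocks, that "cumulative" means the total per bucket, and that incidents carry hypothetical `created` and `closed` timestamps; the sample incidents are constructed.

```python
from datetime import date, datetime, timedelta

def buckets(period, today):
    """Return inclusive (start, end) date pairs, oldest first."""
    if period == "three_months":
        out, first = [], today.replace(day=1)
        for _ in range(3):
            end = first - timedelta(days=1)   # last day of the previous month
            first = end.replace(day=1)
            out.append((first, end))
        return out[::-1]
    # Both shorter windows end on the day before `today`.
    days, step = {"one_month": (28, 7), "one_week": (7, 1)}[period]
    start = today - timedelta(days=days)
    return [(start + timedelta(days=i), start + timedelta(days=i + step - 1))
            for i in range(0, days, step)]

def incident_rate(incidents, period, today):
    """Count incoming (by created time) and closed (by closed time) per bucket."""
    rows = []
    for start, end in buckets(period, today):
        incoming = sum(1 for i in incidents
                       if start <= i["created"].date() <= end)
        closed = sum(1 for i in incidents
                     if i["closed"] and start <= i["closed"].date() <= end)
        rows.append({"from": start, "to": end,
                     "incoming": incoming, "closed": closed})
    return rows

# Constructed sample incidents (field names are assumptions).
TODAY = date(2022, 3, 15)
SAMPLE = [
    {"created": datetime(2021, 12, 30, 9), "closed": datetime(2022, 1, 2, 10)},
    {"created": datetime(2022, 2, 20, 8), "closed": datetime(2022, 2, 27, 8)},
    {"created": datetime(2022, 3, 10, 8), "closed": None},
    {"created": datetime(2022, 3, 14, 23), "closed": datetime(2022, 3, 15, 1)},
]

if __name__ == "__main__":
    for period in ("three_months", "one_month", "one_week"):
        print(period)
        for row in incident_rate(SAMPLE, period, TODAY):
            print("  ", row["from"], row["to"], row["incoming"], row["closed"])
```

An incident closed on the current day (the last sample) is counted as incoming in the window but not yet as closed, because every window stops at the day before the current date.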
The following filters are available on the graph:
Filter | Values |
---|---|
Severity | All, Critical, High, Medium, and Low |
Incident Types | Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation, Web Application Attack, Anomaly Detection, APT |
Mean Time To Detect
The Mean Time To Detect is the duration from an incident's created time to its remediate time.
This graph shows the data for the last three months for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph:
Filter | Values |
---|---|
Incident Types | Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation, Web Application Attack, Anomaly Detection, APT |
Mean Time To Respond
The Mean Time To Respond is the duration from an incident's created time to its closed time.
This graph shows the data for the last three months for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph:
Filter | Values |
---|---|
Incident Types | Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation, Web Application Attack, Anomaly Detection, APT |
Mean Time To Remediate
The Mean Time To Remediate is the duration from an incident's created time to its investigate time.
This graph shows the data for the last three months for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph:
Filter | Values |
---|---|
Incident Types | Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation, Web Application Attack, Anomaly Detection, APT |
Analyst Allocation by Incident Types
The Analyst Allocation by Incident Types Bar Graph shows bars for the top five incident types, ranked by the highest number of analysts allocated.
For example, if n incidents were allocated to 35 analysts over the last week, the bar height is shown as 35 and hovering over the bar shows ‘Phishing | Analysts:35’.
The period selection of one week, one month, and three months is available.
Average Late Incidents
Late incidents are incidents that are closed late.
ROI – Rate of Interest
The ROI is computed from the duration between an incident's creation time and its remediate time.
When an incident is closed automatically, the ROI is 100%.
When an incident is closed manually, the ROI computation is based on the formula.