Graphs

The Dashboard shows following Graphs:

Affected Endpoints

The Affected Endpoints Graph displays the number of affected endpoints for the selected period, either one week, or one month. By default, the period is one months.
The graph is clickable. On clicking, a user navigates to the Incident List Page. The page displays the list of affected endpoints for the period selected over the graph.

Average Incidents Rate

The Average Incidents Rate Graph shows the Incident Rate over a period of one week or one month for the incoming and closed incidents. For the incoming incidents the creation time is considered and the closed time for the closed incidents.

For one month selection, the graph shows the 30 days incidents created and closed per week, starting from the day before the current date.

For one week selection, the graph shows the last seven days incidents created and closed per day, starting from the day before the current day.

The following filters are available on the graph,

Filter Values
Severity All, Critical, High, Medium, and Low
Incident Types Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation. Web Application Attack, Anomaly Detection, APT, Endpoint, Email, Network, EPS, and UBA Credential Access

Mean Time to Detect

The Mean Time to Detect is the duration from an incident created time to an incident remediate time.
This graph shows the data for the last 30 days for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph,

Filter Values
Incident Types Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation. Web Application Attack, Anomaly Detection, APT, Endpoint, Email, Network, EPP. and UBA Credential Access

Mean Time to Respond

The Mean Time to Respond is Time Taken to change the status of an Incident to Investigation from Incident creation Time.
This graph shows the data for the last month for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph,

Filter Values
Incident Types Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation. Web Application Attack, Anomaly Detection, APT, Endpoint, Email, Network, EPS, and UBA Credential Access

Mean Time to Remediate

The Mean Time to Remediate is the time Taken to change the status of an Incident to Closed from Incident creation Time.
This graph shows the data for the last month for the critical, high, medium, and low-severity incidents.
The following filter is available on the graph,

Filter Values
Incident Types Unknown, Phishing, Malware, MITM, Insider Threat, Privilege Escalation. Web Application Attack, Anomaly Detection, APT, Endpoint, Email, Network, EPS, and UBA Credential Access

Analyst Allocation by Incident Types

The Analyst Allocation by Incident Types Bar Graph shows top five incident type bars based on the highest number of analysts allocated.
For Example, For the last week n number of incidents are allocated to 35 analysts then the graph bar height is shown as 35 and on hover it shows ‘Phishing | Analysts:35’.

The period selection of one week, and one month is available.

Average Late Incidents

The Average Late Incidents section provides insights into incidents that were reported later than expected. This metric helps users monitor delays in incident reporting and assess the impact of such delays across different severity levels and incident types.

#### Severity Filter
Users can refine the data using the Severity dropdown, which includes the following options:

#### All: Displays all late incidents regardless of severity.
Critical: Shows only incidents marked as critical.
High: Filters for high-severity incidents.
Medium: Displays incidents with medium severity.
Low: Shows incidents with low severity.
This filter helps prioritize analysis based on the potential impact of the incidents.

#### Type Filter
In addition to severity, users can filter incidents by Type using the corresponding dropdown. Available types include:

  • Unknown
  • Phishing
  • Malware
  • MITM
  • Insider Threat
  • Privilege Escalation
  • Web Application Attack
  • Anomaly Detection
  • APT
  • Endpoint
  • Email
  • Network
  • EPS
  • UBA Credential Access
  • ##### No Results Found
    If no incidents match the selected filters, a “No Results Found” message will appear, indicating that there are no late incidents for the chosen criteria..

    ROI – Rate of Interest

    The computation of the ROI is based on the duration from an incident creation time to an incident remediate time.
    On automatic closing of the incident the ROI is 100%.
    On manual closing of the incident the ROI computation is based on the formula.

    Was this page helpful?