Security Overview

Shows the attack statistics of the Endpoint Security clients.

The information is presented in these widgets:

  • Hosts Under Attack

  • Active/Dormant Attacks

    • Active Attacks - Malicious process was executed and the system was infected. Termination and quarantine of the process or other elements of the attack is disabled in the policy.

    • Dormant Attack - No malicious process was executed but the system was infected. Quarantine of one of the detected files failed.

  • Cleaned/Blocked Attacks

    • Cleaned Attack - Malicious process was executed and the system was infected. Termination and quarantine of all attack elements succeeded.

    • Blocked Attack - No malicious process was executed. Quarantine of all detected files succeeded.

  • Infected Hosts

  • Attacks Timeline

Note:

The Active, Dormant and Cleaned attacks are based on Forensics and Remediation capability:

  • If there is no remediation or the remediation capability is turned off, then attack status is either Dormant or Blocked.

  • If remediation capability is turned on:

    • If the process is actively running and the remediation is Terminate, then the status is Active.

    • If the remediation failed, then status is Dormant.

    • If the remediation was successful, then the status is Cleaned.