Security Overview
Shows the attack statistics of the Endpoint Security clients.
The information is presented in these widgets:
-
Hosts Under Attack
-
Active/Dormant Attacks
-
Active Attacks - Malicious process was executed and the system was infected. Termination and quarantine of the process or other elements of the attack is disabled in the policy.
-
Dormant Attack - No malicious process was executed but the system was infected. Quarantine of one of the detected files failed.
-
-
Cleaned/Blocked Attacks
-
Cleaned Attack - Malicious process was executed and the system was infected. Termination and quarantine of all attack elements succeeded.
-
Blocked Attack - No malicious process was executed. Quarantine of all detected files succeeded.
-
-
Infected Hosts
-
Attacks Timeline
The Active, Dormant and Cleaned attacks are based on Forensics and Remediation capability:
-
If there is no remediation or the remediation capability is turned off, then attack status is either Dormant or Blocked.
-
If remediation capability is turned on:
-
If the process is actively running and the remediation is Terminate, then the status is Active.
-
If the remediation failed, then status is Dormant.
-
If the remediation was successful, then the status is Cleaned.
-