Overview

The Overview page shows a summary of the security operations of the on-boarded applications.

To view the Overview page, access Infinity XDR (Extended Detection & Response)/XPR (Extended Prevention & Response) and click Overview.

By default, the Overview page shows the data (all priorities) from the last 7 days.

To filter the data by priority:

  1. Select the time period. By default, data from the last 7 days is shown.

  2. To filter incidents that require action, click Action required.

  3. To filter incidents prevented automatically by Infinity XDR/XPR, click Prevented.

  4. To filter incidents of specific priority, select the required Priority. By default, all priority levels are selected.

Connectivity

The Connectivity widget shows the connection status of the products connected to Infinity XDR/XPR. When you hover over the product name in the widget, you can view the following details:

  • The connectivity status of the product.

  • The number of events sent by the product.

  • The time when the product sent the last event.

Notes:

  • The connection timeout duration is 48 hours. If the product does not send events to Infinity XDR/XPR within 48 hours, the product becomes inactive and the icon changes to red.

  • The connectivity status of CloudGuard Network is indicated by Quantum Gateway.

  • Certificate expiry status for the Fortinet FortiGate Next Generation Firewall integration is indicated by the icon.

    To renew the certificate, see Fortinet FortiGate Next Generation Firewall.

XDR/XPR Prevention Status

The XDR/XPR Prevention Status widget displays the prevention status in Infinity XDR/XPR.

  • Automatic - The number of prevention steps taken automatically by Infinity XDR/XPR.

  • Manual - The number of prevention steps taken manually by the users.

  • In Progress - The number of prevention steps that are in progress.

  • User action required - The number of prevention steps that require user action.

Prevention by Sources

The Prevention by sources widget shows the number of security events analyzed for each on-boarded application and the respective security risk (detect/prevent) action.

Open Incidents by Assignee

The Open incidents by Assignee widget lists the number of open incidents for each assignee. Incidents are color-coded based on the priority levels.

Incidents

The Incidents widget lists incidents by status. Hover over the incident for more information. Incidents are color-coded based on the priority levels.

Under Prevented, the widget shows the incidents automatically prevented by Infinity XDR/XPR.

Incidents Over Time

The Incidents over time widget shows the timeline of incidents by priority. Incidents are color-coded based on the priority levels.

Personalized News

The Personalized News widget shows cyber security news curated by the Check Point research team.

  • Infinity XDR/XPR analyzes the logs for the vulnerability described in the news article and creates incidents if necessary.

  • News items related to existing incidents are listed first. To view the related incidents, click the icon. The system redirects to the Incidents page and shows the related incidents.