The Dashboard includes four tabs, each with corresponding data summarizing various aspects of the monitored environment. The four tabs are Policies and Incidents, App Risk, Data Risk, and Behavioral Risk.
- Policies and Incidents
- App Risk
- Data and Behavioral Risk
This tab is included in all types of Cloudlock licenses. The tab is divided into five sections each depicting different statistics.
Summarizes the number of users, objects (where applicable) and incidents associated with each platform. The chart also breaks down incidents’ severity (Critical, Alert, Warning, Info) based on policy configuration.
Allows you to view the number of incidents and the breakdown of severity by platform or for all platforms.
Provides the top 5 policies with the highest number of incidents.
Breaks down all incidents by their current statuses.
This graph requires an AFW license (Google or Office 365).
The top 5 applications with unique installations are shown and any one application can be viewed in further detail by hovering in the corresponding section of the pie graph.
Depicts the user, number of incidents and the severity of those incidents for the past week.
This entire tab requires an AFW license (Google or Office 365).
This tab details the Apps in your environment considered Risky and to what degree depending on different statistical data. (For more information see App Risk Score).
Lists the top risky apps, number of users and risk level.
Breaks down the current installed apps by risk level.
Lists the top users with risky apps divided by severity.
Apps are divided by risk according to how other users in the AFW community have rated the app.
Depicts the number of daily authorizations for the last week.
Both of these tabs require that at least one license has UEBA capabilities
Data Risk breaks down users’ activity with assets such as downloads, uploads, and deletion of files whereas Behavioral Risk shows highlighted user activity that may be risky.
Users with High Asset Activity—Users who have the most number of downloads, uploads and/or file deletions.
Most Downloaded Assets—Files that have been downloaded the most within the past week.
Asset Uploads/Download Trends - Files upload and download activity for the past week.
Anomalies—Possible threats or account compromises based on user behavior.
Top Users with Admin Activity—Shows users with the most events considered admin-level.
Users and Activities by Platform—A table of users and events by platform.
Location-based Risk—Lists the cities, countries, and number of activities monitored in the last week.
Users with Most Login Failures—Lists the users with the most failed login attempts in the past week and the number of attempts made.
Compromised Account Risk—Suggests any users that may have a compromised account based on logins from three locations or more in the past week.
Updated 9 months ago