Dashboard Overview

The Dashboard includes four tabs, each with corresponding data summarizing various aspects of the monitored environment. The four tabs are Policies and Incidents, App Risk, Data Risk, and Behavioral Risk.

Table of Contents

• Policies and Incidents
  • Platform Statistics
  • Incidents by Severity
  • Policies with Most incidents
  • Incidents by Status
  • Top Applications
  • Users With Most Incidents for Last 7 Days
• App Risk
  • Most Risky Apps
  • Your Apps by Risk Level
  • Users With Risky Apps
  • Peer-Assessed App Risk
  • Recently Granted Authorizations
• Data and Behavioral Risk
  • Data Risk
  • Behavioral Risk

Policies and Incidents

This tab is included in all types of Cloudlock licenses. The tab is divided into five sections each depicting different statistics.

Platform Statistics

Summarizes the number of users, objects (where applicable) and incidents associated with each platform. The chart also breaks down incidents’ severity (Critical, Alert, Warning, Info) based on policy configuration.

Incidents by Severity

Allows you to view the number of incidents and the breakdown of severity by platform or for all platforms.

Policies With Most Incidents

Provides the top 5 policies with the highest number of incidents.

Incidents by Status

Breaks down all incidents by their current statuses.

Top Applications

🚧

License Requirement

This graph requires an AFW license (Google or Office 365).

The top 5 applications with unique installations are shown and any one application can be viewed in further detail by hovering in the corresponding section of the pie graph.

Users With Most Incidents for Last 7 Days

Depicts the user, number of incidents and the severity of those incidents for the past week.

App Risk

🚧

License Requirement

This entire tab requires an AFW license (Google or Office 365).

This tab details the Apps in your environment considered Risky and to what degree depending on different statistical data. (For more information see App Risk Score).

Most Risky Apps

Lists the top risky apps, number of users and risk level.

Your Apps by Risk Level

Breaks down the current installed apps by risk level.

Users With Risky Apps

Lists the top users with risky apps divided by severity.

Peer-Assessed App Risk

Apps are divided by risk according to how other users in the AFW community have rated the app.

Recently Granted Authorizations

Depicts the number of daily authorizations for the last week.

Data and Behavioral Risk

🚧

License Requirement

Both of these tabs require that at least one license has UEBA capabilities

Data Risk breaks down users’ activity with assets such as downloads, uploads, and deletion of files whereas Behavioral Risk shows highlighted user activity that may be risky.

The Data Risk tab will display:

Users with High Asset Activity—Users who have the most number of downloads, uploads and/or file deletions.

Most Downloaded Assets—Files that have been downloaded the most within the past week.

Asset Uploads/Download Trends - Files upload and download activity for the past week.

The Behavioral Risk tab will display:

Anomalies—Possible threats or account compromises based on user behavior.

Top Users with Admin Activity—Shows users with the most events considered admin-level.

Users and Activities by Platform—A table of users and events by platform.

Location-based Risk—Lists the cities, countries, and number of activities monitored in the last week.

Users with Most Login Failures—Lists the users with the most failed login attempts in the past week and the number of attempts made.

Compromised Account Risk—Suggests any users that may have a compromised account based on logins from three locations or more in the past week.