Table of Contents | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Overview
The Entity Behavior dashboard provides a high-level overview of the riskiest entities in your organization. Metrics including total entities tracked and entities by criticality (critical, high, medium, low) are displayed on this page. There is also a dashboard that demonstrates the total number of alerts over time.
...
Name | Description |
Entities Tracked (Last 7 days) | The number of entities that have risk associated with them over the last 7 days, divided by criticality. |
Entities Tracked (Last 24 hours) | The number of entities that have risk associated with them over the last 24 hours. |
Number of Alerts Over Time | Graphical display of the SecOps and behavior alerts that have triggered over the last 30 days. This helps you get a high-level understanding of your organization’s environment. |
...
Detailed behavior
At the bottom of the page there are seven different widgets. These lists should be used to quickly identify risky entities. In order to choose which entity to investigate first, either drill into the critical entities flagged by the application or choose a Top User/Device/Domain with a high risk score.
...