At-risk Endpoints

After running impact assessment, perform mitigation tasks on at-risk endpoints.

Column Name

Information

First Observed

Date and time when an artifact's presence is detected on target endpoints

Host Name

Name of the agent endpoint that harbors the matching suspicious object

Clicking a value in theĀ  Host Name column opens a screen that shows a graph of the execution flow of any suspicious activities involving or originating from that endpoint. This lets you analyze the enterprise-wide chain of events involved in a targeted attack. For details, see Detailed Mindmap.

User Name

Name of the user logged on to the endpoint

IP Address

IPv4 or IPv6 address of the endpoint

Importance

Importance assigned by a Control Manager administrator to the endpoint. For details, see Working with User or Endpoint Importance.

Take immediate action on important endpoints.

Matching Object(s)

Identifier(s) or component(s) of an attack that indicate what attacks are and how they are established

Action

Options to isolate or restore the connection of an endpoint. For details, see Endpoint Isolation and Connection Restoration.