Critical Threats Widget

This widget displays the total number of critical threat types detected on your network and the number of Important Users and Other Users affected by each threat type.

Use the Range drop-down to select the time period for the data that displays.

The table lists critical threat types in order of severity.

  • Click a number in the Important Users or Other Users columns and then click the user you want to view.

    For more information, see Security Threats for Users.

The Threat Type column displays the following threat types.

Note: Individual users may be affected by more than one critical threat type.

| Threat Type | Description |
| --- | --- |
| Ransomware | Malware that prevents or limits users from accessing their system unless a ransom is paid |
| Known Advanced Persistent Threat (APT) | Intrusions by attackers that aggressively pursue and compromise chosen targets, often conducted in campaigns (a series of failed and successful attempts over time to get deeper and deeper into a target network) and not isolated incidents |
| Social engineering attack | Malware or hacker attacks that exploit a security vulnerability found in documents, such as a PDF file |
| Vulnerability attack | Malware or hacker attacks that exploit a security weakness typically found in programs and operating systems |
| Lateral movement | Searches for directories, email, and administration servers, and other assets to map the internal structure of a network, obtain credentials to access these systems, and allow the attacker to move from system to system |
| Unknown threats | Suspicious objects (IP addresses, domains, file SHA-1 hash values, email messages) with the "high" risk level, as detected by Deep Discovery Inspector, endpoint security products, or other products with Virtual Analyzer |
| C&C callback | Attempts to communicate with a command-and-control (C&C) server to deliver information, receive instructions, and download other malware |
| Total users affected by critical threats | The counts displayed in this row indicate the total number of "Important Users" and "Other Users" with at least one critical threat detection. Each user may be affected by more than one critical threat. |