Procedure

1. Go to Detections → Users.
2. Optionally, filter the result set by specifying search criteria.
   • User Name
   • Period
   When specifying a period, Deep Discovery Web Inspector dynamically filters the results.

   When specifying a user name, click on the Search () icon or press Enter to filter the results.
   All detections matching the search criteria appear.
3. View the results.

   Header	Description
   User Name	View the user name logged on to the host with detections of malicious or suspicious objects. Note When Active Directory Services are configured and Deep Discovery Web Inspector can identify the logged on user for the detection, the user name is displayed. Otherwise the IP address of the host is displayed.
   Detections	View the number of detections with malicious or suspicious characteristics for the selected object.
   High Risk	View the number of high risk detections for the selected object. These are detections with malicious characteristics.
   Medium Risk	View the number of medium risk detections for the selected object. These are detections with characteristics that are most likely malicious.
   Low Risk	View the number of low risk detections for the selected object. These are detections with suspicious characteristics.
   Potential Threat	View the number of potential threat risk detections for the selected object. These are detections for sample submission to Virtual Analyzer.
   User Defined Risk	View the number of detections for user-defined objects. These detections might include the following: Untrusted Server Certificate or user-defined policy.
   Latest Detection	View the date and time for the most recent occurrence of the malicious or suspicious object detected in Deep Discovery Web Inspector.

4. Under Detections, click on the number to view more detailed information about detections for that user name.
   The All Detections screen opens with the results filtered for that user name.

   See Viewing All Detections.