You can perform a historical impact analysis
of security threats in your environment from the Affected Users tab on the Security
Threats screen in Apex
Central.
Apex One Endpoint Sensor analyzes the impact of suspicious
files, IP addresses, and domains in your environment by contacting agents and
performing a historical scan of the agent logs to determine if the suspicious
objects have affected your environment for a period of time without detection.
 |
ImportantImpact analysis requires a valid Apex One Endpoint
Sensor license. Ensure that you have a valid Apex One Endpoint Sensor
license and enable the Enable Sensor feature for the appropriate
Apex One Security Agent or Apex
One (Mac) policies.
For more information, see the Apex
Central Widget and Policy Management
Guide.
|
Procedure
- On the Apex Central console, go to .
- On the Users with Threats or Endpoints with Threats widgets, click a number.
- On the screen that appears, click a Security
Threat name in the Security Threat Details
table.The Affected Users screen appears.
- Click Analyze Impact.Endpoint Sensor scans historical network traffic and logs for any detections of the suspicious object.For more information, see Historical Investigations in Endpoint Sensor.