Views:

View detailed information about a selected device and take actions to mitigate the device's effect on the Risk Index.

Available actions:
  • Hover over the device name to view critical information about the device, such as the current risk score, asset criticality, and significant profile tags. To manually modify the criticality of the device, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.
  • Select the Custom Tags tab while hovering over the device name to view and manage custom tags assigned to the device.
    • Important
      Important
      This is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release sub-feature disclaimer before using the sub-feature.
  • Click the actions icon ( options=ddb0b67f-0654-4aa5-8bc7-48ec554c5448.png ) to access actions for the selected asset. Using this menu, you can view the Asset Risk Graph, add the device to an exception list, or take response actions.
The following table describes the tabs available on the device profile screen.
Important
Important
Customers with XDR sensor entitlements that have not allocated credits to Attack Surface Risk Management can only see the Risk Score widget of the Risk Assessment tab and access the Users and Asset Profile tabs.

Device Profile Screen Tabs

Tab
Description
A device's risk assessment displays activity data in several widgets.
  • Risk Score: Assessment of the device's activity over the last 30 days
    Note
    Note
    A device's risk score is calculated every 4 hours.
  • Risk Indicators: A list of events that might indicate the device is vulnerable to attack
Asset Risk Graph
The Asset Risk Graph illustrates the asset's connection to other assets in your environment.
  • Click any asset in the Asset Risk Graph to view details, including asset criticality, significant profile tags, and risk indicators.
  • Click the label in an arrow to view a description of the relationship, such as the first and last time a connection occurred.
To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.
Cloud App Activity
A device's cloud app activity displays in several widgets.
  • Accessed Cloud App Risk Levels: Displays how many cloud apps the user/device accessed on a given day and the proportionate risk levels of the apps
  • Cloud App Usage by Category: Displays the categories of the cloud apps accessed by the user/device
  • Sanctioned / Unsanctioned Cloud App Access: Indicates how often a user/device accesses sanctioned/unsanctioned cloud apps
  • Device Activity: A geographical representation of where the device has been used to access cloud apps
Local Apps
Local applications detected on the device
Note
Note
The Local Apps tab is only available in certain regions.
Important
Important
This is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release sub-feature disclaimer before using the sub-feature.
Users
The users that accessed the asset and each user's risk score
Note
Note
For customers that have updated to the Foundation Services release, the Users tab is only available for users with the Accounts asset visibility scope.
Asset Profile
Detailed information about the asset, including asset criticality and a complete list of the asset's pre-defined profile tags, third-party tags, and custom tags created by your organization and assigned to the asset.
You may modify the values for select pre-defined tags by clicking the edit (edit_icon=GUID-1F1D1164-5310-4D6D-ACD0-6049C86960AF.png) icon next to the tag.
To assign or remove custom tags from the asset, click Manage Tags.
To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.