Views:

An account profile in Operations Dashboard details a user account's risk score, cloud activities, and device associations.

Available actions:
  • Hover over the asset name to view critical information about the account, such as the current risk score, asset criticality, and significant profile tags. To manually modify the criticality of the account, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.
  • Click the actions icon ( options.png ) to access actions for the selected asset. Using this menu, you can view the Asset Risk Graph, add the account to an exception list, or take response actions.
The following table describes the tabs available on the account profile screen.
Important
Important
Customers with XDR sensor entitlements that have not allocated credits to Attack Surface Risk Management can only see the Risk Score widget of the Risk Assessment tab and access the Devices and Asset Profile tabs.
Tab
Description
Risk Assessment
An account's risk assessment displays activity data in several widgets.
  • Risk Score: Assessment of the user's behavioral and cloud activity over the last 30 days
    Note
    Note
    A user's risk score is calculated every 4 hours.
  • Risk Indicators: A list of events that might indicate the user account is vulnerable to attack
  • Account Activity by location: A geographical representation of where the user account has been accessed
Note
Note
For customers that have updated to the Foundation Services release, the Risk Assessment tab is only available for users with the Accounts asset visibility scope.
Asset Risk Graph
The Asset Risk Graph illustrates the asset's connection to other assets in your environment.
  • Click any asset in the Asset Risk Graph to view details, including asset criticality, significant profile tags, and risk indicators.
  • Click the label in an arrow to view a description of the relationship, such as the first and last time a connection occurred.
To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.
Cloud App Activity
An account's cloud app activity displays in several widgets.
  • Sanctioned / Unsanctioned Cloud App Access: Indicates how often a user/device accesses sanctioned/unsanctioned cloud apps
  • Accessed Cloud App Risk Levels: Displays how many cloud apps the user/device accessed on a given day and the proportionate risk levels of the apps
  • Cloud App Usage by Category: Displays the categories of the cloud apps accessed by the user/device
  • Account Activity: A geographical representation of where the user account has been accessed cloud apps
Devices
The devices accessed by the user and each device's risk score
Click a device name to view the Device profile.
Asset Profile
Detailed information about the asset, including asset criticality and a complete list of the asset's profile tags.
To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.