Top At-Risk Users / Risk Events

This widget shows the top 5 internal users that distributed the most phishing emails, malicious files, ransomware, and malicious URLs over the selected time period. With this widget, you can easily identify the users that pose serious threats to your company, whether they are compromised users or malicious insiders. Cloud App Security collects statistics for this widget from all protected service types, including Office 365 services, Box, Dropbox, Google Drive, Gmail, and Salesforce.

Use the drop-down menu to select the time period to view.

Click the number under the current period to view logs related to the corresponding time period (last 24 hours, 7 days, or 30 days).

This widget shows the top 5 internal users that sent the most spam email messages over the selected time period. With this widget, you can easily identify the users that cause the most disruption to the normal traffic of your company, whether they are compromised users or malicious insiders. Cloud App Security collects statistics for this widget from all protected email service types, including Exchange Online and Gmail.

Use the drop-down menu to select the time period to view.

Click the number under the current period to view logs related to the corresponding time period (last 24 hours, 7 days, or 30 days).

This widget shows the top 5 internal users that received the most phishing emails, malicious files, ransomware, and malicious URLs over the selected time period. These users are most targeted by serious attacks and may require your immediate attention. Cloud App Security collects statistics for this widget from all protected email service types, including Exchange Online and Gmail.

Use the drop-down menu to select the time period to view.

Click the number under the current period to view logs related to the corresponding time period (last 24 hours, 7 days, or 30 days).

This widget shows the top 5 internal users that received the most spam email messages over the selected time period. This widget allows you to easily identify the users most targeted by spams. Cloud App Security collects statistics for this widget from all protected email service types, including Exchange Online and Gmail.

Use the drop-down menu to select the time period to view.

Click the number under the current period to view logs related to the corresponding time period (last 24 hours, 7 days, or 30 days).

This widget shows the internal Office 365 users that trigger the most high risk events. By obtaining and aggregating high risk event data from Trend Vision One and Microsoft Identity Protection, Cloud App Security allows you to identify the most at-risk internal Office 365 users in your organization based on a wide range of risk information.

Use the drop-down menu to select the time period to view.

Hover over the number of events to view the event details, including the name and triggered times of each event.

Click Go to Operations Dashboard to view more risk information about the users in your organization.

The Operations Dashboard in Trend Vision One aggregates data from wider sources and dimensions to provide you in-depth and comprehensive risk insights.

This widget shows the high risk events that are triggered most frequently by internal Office 365 users. By obtaining and aggregating high risk event data from Trend Vision One and Microsoft Identity Protection, Cloud App Security allows you to identify the risk events that pose the biggest dangers to your organization based on a wide range of risk information..

Select a risk category from the Risk Category drop-down menu to view the top users that trigger the high risk events in this category.

For details about the risk categories, see At-Risk User Trends.

Use the drop-down menu to select the time period to view.

Click Go to Operations Dashboard to view more risk information about the users in your organization.

The Operations Dashboard in Trend Vision One aggregates data from wider sources and dimensions to provide you in-depth and comprehensive risk insights.