
Provides a summary of the endpoints with the most suspicious threat detections. Example: name of the destination, summary information about the source and rules/violations, and the total number of suspicious threats on the network.

Table 1. Suspicious Threat Riskiest Endpoints Summary Data View

| Data | Description |
| --- | --- |
| Endpoint IP | Displays the IP addresses of computers affected by suspicious threats. |
| Unique Policies/Rules | Displays the number of unique policies/rules the source computer violates. Example: A managed product detects 10 policy violation instances of the same policy on 2 computers. Unique Policies/Rules = 1 |
| Unique Sources | Displays the number of unique sources where suspicious threats originate. Example: A managed product detects 10 suspicious threat instances of the same type originating from 3 computers. Unique Sources = 3 |
| Detections | Displays the total number of policy/rule violations managed products detect. Example: A managed product detects 10 violation instances of the same type on one computer. Detections = 10 |
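
The difference between the distinct counts and the total count in this view can be reproduced from raw detection records. The following is an added illustration, not the product's own code or log schema: the field names (`endpoint_ip`, `source_ip`, `rule`) and the sample records are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records. Field names are assumptions for this example,
# not the managed product's actual log format.
SAMPLE_DETECTIONS = [
    {"endpoint_ip": "10.0.0.5", "source_ip": "192.0.2.10", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.5", "source_ip": "192.0.2.10", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.5", "source_ip": "192.0.2.11", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.5", "source_ip": "192.0.2.12", "rule": "Rule B"},
    {"endpoint_ip": "10.0.0.9", "source_ip": "192.0.2.10", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.9", "source_ip": "192.0.2.10", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.7", "source_ip": "192.0.2.11", "rule": "Rule A"},
    {"endpoint_ip": "10.0.0.7", "source_ip": "192.0.2.11", "rule": "Rule C"},
]


def summarize(detections):
    """Return one summary row per endpoint, most detections first."""
    acc = defaultdict(lambda: {"rules": set(), "sources": set(), "count": 0})
    for d in detections:
        row = acc[d["endpoint_ip"]]
        row["rules"].add(d["rule"])          # repeats of a rule count once
        row["sources"].add(d["source_ip"])   # repeats of a source count once
        row["count"] += 1                    # every instance counts
    rows = [
        {
            "endpoint_ip": ip,
            "unique_rules": len(r["rules"]),
            "unique_sources": len(r["sources"]),
            "detections": r["count"],
        }
        for ip, r in acc.items()
    ]
    # Riskiest first; ties are broken by IP string so the order is stable.
    rows.sort(key=lambda r: (-r["detections"], r["endpoint_ip"]))
    return rows


if __name__ == "__main__":
    for row in summarize(SAMPLE_DETECTIONS):
        print(row)
```

An endpoint with a high Detections value but Unique Policies/Rules = 1 and Unique Sources = 1 is one source repeatedly triggering one rule, which usually calls for different triage than many sources or many rules hitting the same endpoint.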