Account profile | Trend Micro Service Central

Views:

An account profile in Operations Dashboard details a user account's risk score, cloud activities, and device associations.

Hover over the asset name to view critical information about the account, such as the current risk score, asset criticality, and significant profile tags. To manually modify the criticality of the account, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.
Click the actions icon ( ) to access actions for the selected asset. Using this menu, you can view the Asset Risk Graph, add the account to an exception list, or take response actions.

The following table describes the tabs available on the account profile screen.

Important

Customers with XDR sensor entitlements that have not allocated credits to Attack Surface Risk Management can only see the Risk Score widget of the Risk Assessment tab and access the Devices and Asset Profile tabs.

Tab

Description

Risk Assessment

An account's risk assessment displays activity data in several widgets.

Risk Score: Assessment of the behavioral and cloud activity of the user over the last 30 days

Note

A user risk score is calculated every 4 hours.
Risk Indicators: A list of events that might indicate the user account is vulnerable to attack
Account Activity by location: A geographical representation of where the user account has been accessed

Note

For customers that have updated to the Foundation Services release, the Risk Assessment tab is only available for users with the Accounts asset visibility scope.

Asset Risk Graph

The Asset Risk Graph illustrates the asset's connection to other assets in your environment.

Click any asset in the Asset Risk Graph to view details, including asset criticality, significant profile tags, and risk indicators.
Click the label in an arrow to view a description of the relationship, such as the first and last time a connection occurred.

To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.

Public Cloud App Activity

Account public cloud app activity displays in several widgets.

Sanctioned / Unsanctioned Public Cloud App Access: Indicates how often a user or device accesses sanctioned or unsanctioned public cloud apps
Reputation of Visited Public Cloud Apps: Displays how many public cloud apps the user or device accessed on a given day and the proportionate reputations of the apps
Public Cloud App Usage by Category: Displays the categories of the public cloud apps accessed by the user or device
Account Activity: A geographical representation of where the user account has accessed public cloud apps

Devices

The devices accessed by the user and each device's risk score

Click a device name to view the Device profile.

Asset Profile

Detailed information about the asset, including asset criticality and a complete list of the asset's pre-defined profile tags, third-party tags, and custom tags created by your organization and assigned to the asset. You may modify the values for select pre-defined tags by clicking the edit ( edit_icon=GUID-1F1D1164-5310-4D6D-ACD0-6049C86960AF.png

edit_icon=GUID-1F1D1164-5310-4D6D-ACD0-6049C86960AF.png

) icon next to the tag. To modify custom tags on the asset, click Manage Tags

To manually modify the criticality of the asset, click Modify Criticality, select a criticality source of Custom, and select the criticality of the asset.