Attack Overview | Trend Micro Service Central

Views:

Learn about the information available in Attack Overview within Executive Dashboard, including summaries of threats under the XDR Detection and Threat Detection risk factors.

Attack Overview displays your organization's risk level within the attack risk category, which is averaged from the daily attack intensity of all detected cyber threats in each attack phase. Factors considered when determining attack risk include:

Number of known threat detections
Number of impacted assets
Severity of each unique threat type detected

Daily attack scores are averaged from the maximum attack intensity of all detected cyber threats over the last 14 days. You can view your attack scores from the last 30 days on the attack overview trend graph. A high attack score indicates that you may need to review and reinforce your security configuration.

Important

The attack risk level is calculated using all data received from your business without applying asset visibility scope limits.

View your top cyber threats under your attack risk level along with contributing risk factors, including:

XDR detection: Includes risk events related to Workbench alerts associated with your managed assets
Threat detection: Includes risk events related to threat detections on your managed assets

The following table details the widgets available in Attack Overview.

Widget

Description

Attack Trend Graph

Displays trending daily attack scores from the last 30 days, demonstrating the rise and fall of the volume of attack waves received by your organization. Compare your trending attack wave volume with organizations of similar size, in the same region, or part of the same industry.

Note

Attack scores on the trend graph represent the relative volume of detected attacks, including those detected and prevented by your security configuration. A high attack score may require attention, but significant changes in the attack score (from low to medium, for example) are also noteworthy and may mean you should strengthen your security posture.

Top Industry Threats

To view details on the top threats affecting your industry, click View under Top industry threats next to the attack trend graph.

Important

To view your industry's top three threats, you must configure your industry and company size in your Business Profile. Viewing industry threats automatically sets the attack phase overview to display information for all assets over the last 30 days.
Trend Vision One uses industry threat data to make accurate organizational comparisons to global averages.

Attack Phase Overview

A representation of the overall intensity of attacks detected in your organization over a specified 30-day time period, arranged by date and attack phase. Attack intensity compares the total threat count with the number of impacted assets and multiplies the result by the possible impact.

Scores represent the intensity of attacks in a particular attack phase on a particular date. Hot spots in the upper-right corner of the widget indicate recent attacks that have progressed to critical attack phases and should be addressed immediately.

Cyber Threats

The highest-intensity cyber threats detected in your organization over the same specified 30-day time period

Note

A high attack intensity only indicates the strength of the attacks and does not necessarily indicate that any damage has occurred.

Note

For customers that have updated to the Foundation Services release, drilling down from the Impact scope column is only available for users with the Accounts asset visibility scope.