For Android devices, distribution graph that shows the overall risk level for the device and the risks detected on it. See Risk assessment module lists.

Computer name.

Descriptive text provided by the administrator.

List of all the IP addresses (primary addresses and aliases).

IP address of the last device (router/proxy/VPN endpoint) that connected the customer network to the Internet.

Physical addresses of the network interface cards installed.

Windows domain the computer belongs to. This is empty if the computer does not belong to a domain.

Path to the computer in the company’s Active Directory.

Group in the group tree that the computer belongs to. To change the computer’s group, click Change.

Operating system installed on the computer.

Shows whether the computer is physical or virtual.

Shows whether the operating system of the virtual machine resides on a storage device that persists between restarts or reverts to its original state instead.

Cytomic product licenses installed on the computer. See Licenses for more information.

Internal version of the Cytomic agent installed on the computer.

Date when the computer was last booted.

Date when the computer’s operating system was last installed.

Access method used by Advanced EDR the last time it connected to the Cytomic cloud. This data is not updated immediately. It might take up to 1 hour for the correct value to show.

Date when the client software last connected to the Cytomic cloud. The communications agent connects at least every four hours.

Date Advanced EDR last connected to the Cytomic cloud checking for changes to the settings.

Shows the feature status:

• Enabled

• Disabled

• Error code

Shows the date and time of the last copy made.

Names of the user accounts that have an active session on the computer.

Protection against advanced threats, APTs, and exploits.

Installation of patches and updates for Windows, macOS, and Linux operating systems and third-party applications. Detection of the patch status of the computers on the network and removal of problematic patches.

Indicates whether patch installation is allowed or denied on the computer, or whether the computer is a test computer for patch installation. For more information, see Cytomic Patch features

Blocking of the execution of programs considered dangerous or not compatible with the organization activity by the administrator.

Date when Cytomic Patch last queried the cloud to check whether new patches had been published.

Internal version of the protection module installed on the computer.

Date when the signature file was last downloaded to the computer.

Encryption module status:

• Not available: The computer is not compatible with Cytomic Encryption.

• No information: The computer has not yet sent any information about the encryption module.

• Enabled: The computer has a settings profile assigned to encrypt its storage devices and no errors have occurred.

• Disabled: The computer has a settings profile assigned to decrypt its storage devices and no errors have occurred.

• Error installing: Error downloading or installing the executables required to manage the encryption service if they were not already installed on the computer.

• No license: The computer does not have a Advanced EDR license assigned.

Get recovery key: Opens a dialog box that shows the ID of the recovery key associated with the computer and the corresponding recovery key. For more information, see Obtaining a recovery key.

Encryption process status:

• Unknown: There are disks whose status is unknown.

• Unencrypted disks: For the computer encryption process to start, the user must enter administrator credentials.

• Encrypted disks: All disks compatible with the encryption technology are encrypted.

• Encrypting: At least one disk is currently in the encryption process.

• Decrypting: At least one disk is currently in the decryption process.

• Encrypted by the user: The user encrypted all of the disks.

• Encrypted by the user (partially): The user encrypted some of the disks.

• Password: While booting, the computer requests a PIN or password for authentication.

Monitors files containing data that could identify users or company customers (Cytomic Data Watch module).

Shows whether the computer has a settings profile assigned that enables it to receive searches for files and report their results.

Provided that content-based searches of files are allowed, Cytomic Data Watch parses all files contained in the supported storage media to retrieve their content and generate a database.

• Not indexed

• Indexed

• Indexed (text only)

• Indexed (all content)

• Indexing

Encryption module status:

• Not available: The computer is not compatible with Cytomic Encryption.

• No information: The computer has not yet sent any information about the encryption module.

• Enabled: The computer has a settings profile assigned to encrypt its storage devices and no errors have occurred.

• Disabled: The computer has a settings profile assigned to decrypt its storage devices and no errors have occurred.

• Error: The settings configured by the administrator do not allow an authentication method supported by Cytomic Encryption to be applied on the operating system version installed on the computer.

• Error installing: Error downloading or installing the executables required to manage the encryption service if they were not already installed on the computer.

• No license: The computer does not have a Advanced EDR license assigned.

Get recovery key: Opens a dialog box that shows the IDs of the computer encrypted disks. Click an ID to show the relevant recovery key. For more information, see Obtaining a recovery key.

Encryption process status:

• Unknown: There are disks whose status is unknown.

• Unencrypted disks: Some of the disks compatible with the encryption technology are neither encrypted nor in the process of being encrypted.

  Unencrypted disks: Some of the disks compatible with the encryption technology are neither encrypted nor in the process of being encrypted.

• Encrypted disks: All disks compatible with the encryption technology are encrypted.

• Encrypting: At least one disk is currently in the encryption process.

• Decrypting: At least one disk is currently in the decryption process.

• Encrypted by the user: The user encrypted all of the disks.

• Encrypted by the user (partially): The user encrypted some of the disks.

• Unknown: The authentication method is not compatible with those supported by Cytomic Patch.

• Security processor (TPM).

• Security processor (TPM) + Password

• Password: Authentication method based on a PIN, extended PIN, or passphrase.

• USB drive: Authentication method based on a USB drive.

• None: None of the drives compatible with the encryption technology is encrypted or in the process of being encrypted.

Date when the computer was fully encrypted for the first time.