Risk assessment module lists

Accessing the lists

You can access the risk assessment lists in two ways:

  • Select the Status menu at the top of the console.

  • Select Risks from the side menu. Click the relevant widget.

    Or

  • Select the Status menu at the top of the console.

  • From the side panel, in the My lists section, click Add. The Add list window opens. This window shows all available lists.

  • In the General section, select the risk list you want to use: Risks by computer or Risks. The list template opens. Edit and save it. The list is added to the My lists section in the side menu.

Risks by computer list

This list shows information about the risks detected on each computer or device as well as their risk level.

Field Comment Values

Computer

Computer name.

Character string

Group

Group to which the computer belongs.

Character string

Last connection

Date/time when the computer status was last sent to the Cytomic cloud.

Date/time

Risk level

Risk level for the computer or device. It is equal to the highest risk level for any risk detected on the computer.

  • No risk: No risk was detected that had a critical, high, or medium risk level.

  • Critical: One or more risk detected have a critical risk level.

  • High: The highest risk level for any risk detected on the computer was high.

  • Medium: The highest risk level for any risk detected on the computer was medium.

Computer risks

Graph showing the risks detected on the computer or device during risk assessment.

  • Red: Number of critical risks.

  • Orange: Number of high risks.

  • Yellow: Number of medium risks.

  • Green: Number of risks with no impact on security.

  • Light gray: Number of risks not compatible with the operating system installed on the computer or device.

  • Dark gray: Number of risks that were not evaluated because you did not enable them.

Fields in the Risks by computer list

Click a row in the list to open the computer details page. See Computer details and Details section (3).

Fields displayed in the exported file

You can export the information in the list to a CSV file. Click the icon. The exported file contains the following data:

Field Comment Values

Client

Customer account the service belongs to.

Character string

Computer type

Type of device.

  • Workstation

  • Laptop

  • Server

Computer

Computer name.

Character string

Group

Folder in the Advanced EDR group tree that the computer belongs to.

Character string

Last connection

Date when the computer status was last sent to the Cytomic cloud.

Date

Platform

Operating system installed on the computer.

  • Windows

  • Linux

  • macOS

Risk level

Overall risk level for the computer or device.

  • No risk

  • Medium

  • High

  • Critical

Critical risks

Number of critical risks detected on the computer.

Numeric value

High risks

Number of high risks detected on the computer.

Numeric value

Medium risks

Number of medium risks detected on the computer.

Numeric value

No risk

Number of risks that have no impact on security.

Numeric value

Not applicable risks

Number of risks that do not apply to the computer based on the operating systems installed.

Numeric value

Not evaluated risks

Number of risks that you did not enable for evaluation.

Numeric value

Fields in the Risks by computer exported file

Filter tool

To open the filter tool, click the Filters link next to the search box on the Risks by computer page. The filtering options are these:

Field Comment Values

Search computer

Filters computers by name.

Character string

Computer type

Filters computers according to type.

  • Workstation

  • Laptop

  • Server

Last connection

Date when the computer risks were last sent to the Cytomic cloud.

  • All

  • Less than 24 hours ago

  • Less than 3 days ago

  • Less than 7 days ago

  • Less than 30 days ago

  • More than 3 days ago

  • More than 7 days ago

  • More than 30 days ago

Platform

Operating system installed on the computer.

  • All

  • Windows

  • Linux

  • macOS

Detected risk

The risk you enabled for evaluation.

  • All

  • No protection

  • Out-of-date protection

  • No connectivity to knowledge servers

  • No uninstallation protection

  • Anti-tamper protection disabled

  • Advanced protection for Windows disabled or in Audit mode

  • Advanced protection for Windows in Hardening mode

  • Advanced protection for Linux disabled or in Do not detect or Audit mode

  • Anti-exploit protection disabled or in Audit mode

  • Folder, file, and extension exclusions

  • Recent indicators of attack

  • Critical patches pending installation

  • Audit mode enabled

  • Network attack protection disabled or in "Audit" mode

Risk level

Risk level assigned.

  • Critical

  • High

  • Medium

  • No risk

Filters available in the Risks by computer list

Risks list

The Risks list shows the risks you enabled for evaluation and the number of affected computers based on the risk level assigned to each risk. Click a row in the list to open the Risks by computer list.

The Risks list shows the following data:

Field Comment Values

Risk

Risk name.

Character string

Computers

Number of computers where the risk was detected.

Numeric value

Risk level

Risk level assigned.

Risk by computers

Distribution graph that shows the number of computers where the risk was detected and the risk level assigned (Critical, High, Medium), and computers where there is no risk (the risk was selected for detection but was not detected).

  • Red: Number of computers where the risk was detected and the risk level assigned is Critical.

  • Orange: Number of computers where the risk was detected and the risk level assigned is High.

  • Yellow: Number of computers where the risk was detected and the risk level assigned is Medium.

  • Light gray: Number of computers where the risk was not evaluated because it is not compatible with the operating system installed.

  • Dark gray: Number of computers where the risk was not evaluated because you did not enable it for detection.

Fields in the Risks list

Fields in the exported file

You can export the information in the list to a CSV file. Click the icon. The exported file contains the following data:

Field Comment Values

Client

Customer account the service belongs to.

Character string

Risk

Name of the risk you enabled for evaluation.

Character string

Risk level

Risk level assigned.

  • Critical

  • High

  • Medium

Computers where the risk was detected

Number of computers where the risk was detected.

Numeric value

Critical

Number of computers in the account that have a Critical risk level.

Numeric value

High

Number of computers in the account that have a High risk level.

Numeric value

Medium

Number of computers in the account that have a Medium risk level.

Numeric value

Computers with no risk

Number of computers where the risk was not detected.

Numeric value

Computers the risk does not apply to

Number of computers where the risk was not evaluated because it is not compatible with the operating system installed.

Numeric value

Computers where the risk was not evaluated

Number of computers for which the risk was not enabled for detection.

Numeric value

Fields in the Risks exported file

Filter tool

To open the filter tool, click the Filters link next to the search box on the Risks page. The filtering options are these:

Field Comment Values

Computer type

Filters computers according to type.

  • Workstation

  • Laptop

  • Server

Platform

Operating system installed on the computer.

  • Windows

  • Linux

  • macOS

Filters available in the Risks list

To schedule risk lists to be sent periodically, see Scheduled sending of reports and lists.