LogoLogo
Get Demo
  • 💫NEXT-GENERATION PRODUCT
    • Introduction
    • Getting Started
      • 1. Invite System Users
      • 2. Add Target Users
        • Add Users via CSV
        • Add users via SCIM
          • SCIM Setup in Azure AD
          • SCIM Setup in Okta
          • SCIM Setup in Onelogin
          • SCIM Setup in Jumpcloud
        • Add users via LDAP
        • Add Users via API
      • 3. Email Deliverability
        • Microsoft 365
          • M365: Direct Email Creation
          • M365: Whitelisting
        • Google Workspace
          • Google: Direct Email Creation
          • Google: Whitelisting
        • Exchange 2013 and 2016
      • 4. Track Opened Emails
      • 5. Allow Phishing URLs
        • Whitelist for Office 365
        • Whitelist for Google Workspace
        • Whitelist for Exchange 2013/2016
        • Whitelist in Security Solutions
      • 6. Setup Phishing Reporter
        • Step 1. Download Phishing Reporter
        • Step 2. Deploy Phishing Reporter
          • How to Deploy Add-In in Microsoft 365
          • How to Deploy Add-In in Exchange Admin Center
          • How to Deploy Add-In in Google Workspace
          • How to Deploy Add-In in Outlook
            • Troubleshooting Phishing Reporter Add-In on Outlook Desktop
      • 7. Incident Responder Setup
        • Step 1. Integrate Threat Intel Partners
        • Step 2. Mail Configurations
          • Microsoft 365
          • Google Workspace (Gsuite)
          • Exchange (EWS)
    • Platform
      • Dashboard
        • Dashboard Widgets
        • Incident Responder Widgets
        • Threat Sharing Widgets
        • Phishing Simulator Widgets
      • Threat Intelligence
      • Email Threat Simulator
        • Start Scan
        • View Scan Report
        • Create Trusted Account on Exchange
        • Start Scan on O365 Email Account
        • Start Scan on Google Workspace Email Account
      • Threat Sharing
        • Communities
        • Incidents
      • Phishing Simulator
        • Manage Phishing Scenarios
          • Phishing Scenarios
          • Email Templates
          • Landing Pages
        • Phishing Campaign Manager
        • Phishing Campaign Reports
        • Settings
          • DNS Services and Domains
          • Exclude IP Address
      • Callback Simulator
        • Manage Callback Scenarios
          • Callback Scenarios
          • Callback Email Templates
          • Callback Templates
        • Callback Campaign Manager
        • Callback Campaign Reports
        • Settings
          • Callback Phone Numbers
      • Vishing Simulator
        • Vishing Templates
        • Vishing Campaign Manager
        • Vishing Campaign Reports
      • Smishing Simulator
        • Manage Smishing Scenarios
          • Smishing Scenarios
          • Text Message Templates
          • Landing Page Templates
        • Smishing Campaign Manager
        • Smishing Campaign Reports
        • Settings
          • Manage DNS and Domains
          • Exclude IP Addresses
      • Quishing Simulator
        • Manage Quishing Scenarios
          • Quishing Scenarios
          • Quishing Templates
          • Quishing Landing Page Templates
        • Quishing Campaign Manager
        • Quishing Campaign Reports
        • Settings
          • DNS and Domains
          • Excluding IP Address
      • Awareness Educator
        • Training Library
        • Enrollments
        • Certificates
        • Training Reports
        • Training Completion Queries
      • Incident Responder
        • Incident Responder Dashboard
        • Investigations
        • Integrations
        • Playbook
        • Mail Configurations
          • Microsoft 365
          • Exchange
          • Google Workspace
        • Cross Company Integration
      • Phishing Reporter
        • Phishing Reporter Customization
        • Phishing Reporter Deployment
          • How to Deploy the Add-in in Microsoft 365
          • Phishing Reporter Page View Failure Due to Deprecated Exchange Online Tokens
          • Microsoft Ribbon Phishing Reporter
          • How to Deploy the Add-in in Exchange Admin Center
          • How to Deploy the Add-in in Google Workspace
          • Phishing Reporter Announcement Email Template
        • Diagnostic Tool
        • Integrating Microsoft Phishing Reporting Button with Keepnet
        • Troubleshooting Phishing Reporter on Outlook Desktop
      • Reports
        • Advanced Reports
        • Executive Reports
        • Scheduled Reports
        • Gamification Report
      • Company
        • Target Users
        • Companies
          • Company Groups
        • Company Settings
          • Privacy
            • Account Privacy
            • Data Privacy
          • AI Ally Settings
          • SMTP Settings
          • Direct Email Creation
            • Direct Email Creation for Google Workspace
            • Direct Email Creation for Microsoft 365
          • Notification Templates
          • Google User Provisioning
          • REST API
          • White Labeling
          • Proxy Settings
          • SAML Settings
            • How to Configure SAML on ADFS
            • How to Configure SAML on Google Workspace
            • How to Configure SAML on Azure AD
            • How to Configure SAML on CyberArk
            • How to Configure SAML on Okta
          • SCIM Settings
            • Getting Started with SCIM
            • Azure AD SCIM Integration
            • Okta SCIM Integration
            • Onelogin SCIM Integration
            • Jumpcloud SCIM Integration
          • SIEM Integrations
            • Splunk Integration
            • Syslog Integration
          • LDAP
          • Allowed Domains
        • System Users
          • People
          • Roles
        • Audit Log
        • Job Log
      • Free Phishing Email Analysis Service
    • Miscellaneous
      • Whitelisting
        • How to Whitelist an IP Address in Office 365
        • How to Whitelist an IP Address in Exchange 2013 and 2016
        • How to Whitelist an IP Address in Google Workspace
        • How to Whitelist in Mimecast
        • Whitelisting in Other Security Solutions
        • Whitelisting the Pictures on Microsoft Outlook Apps
        • Keepnet Tools Whitelisting Guidelines
        • Understanding Email Delivery Errors
        • Tracking Email Opens in Phishing Simulations
      • User Profile
      • Multi-Factor Authentication (MFA) Settings
      • On-Premise Requirement Checker
      • Platform Requirements
        • Portal UI Requirements
        • Phishing Reporter Requirements
        • Diagnostic Tool Requirements
      • Maintenance Tool
      • Understanding the Preferred Language Setting
  • 📚RESOURCES
    • Platform Security
    • Volume & Performance
    • Customer Help Desk
    • Product Update/Maintenance
    • Research Methodology
    • Release Notes
      • 2025
      • 2024
      • 2023
      • 2022
      • 2021
      • 2020
  • ⚖️Legal Hub
    • For Customers
      • Customer Terms of Service
      • Product Specific Terms
      • Jurisdiction Specific Terms
      • Data Processing Agreement
      • Regional Data Hosting Policy
      • Product and Services Catalog
      • Acceptable Use Policy
      • Keepnet Security Program
      • Microsoft CoPilot Usage Policy
    • For Everyone
      • Website
        • Terms of Use
        • Privacy Policy
        • Cookie Policy
      • Free Phishing Email Analysis
        • Terms of Service
        • Privacy Policy
      • Transparency Report
Powered by GitBook

Copyright © Keepnet Labs LTD. All rights reserved.

On this page
  • Investigations
  • ROI Summary
  • Phishing Reporter
  • Incident Analysis
  • Reported Email Trends
  • Recently Reported Incidents
  • Recent Investigations
  • Reporters
  • Recent Incidents
  • Top Rules

Was this helpful?

Export as PDF
  1. NEXT-GENERATION PRODUCT
  2. Platform
  3. Dashboard

Incident Responder Widgets

PreviousDashboard WidgetsNextThreat Sharing Widgets

Last updated 1 month ago

Was this helpful?

Your license model determines which widgets are available on the Dashboard page.

Investigations

The Investigations widget displays a summary of the number of automated and manual investigations your company has launched.

Click the (icon symbol) button in the upper right corner of the widget to see detailed information about all of the investigations.

You can visit this for detailed information about investigations.

ROI Summary

This widget summarizes the estimated return on investment, or savings achieved using the Incident Responder product.

For this feature to produce accurate results, you will need to enter the time and cost information specific to your business.

Go to the Incident Responder > Incident Responder page and click the Settings button at the top right of the ROI Summary window and provide the following elements for the calculation:

Average hours saved per reported email

The average time spent investigating a reported suspicious email manually (per email)

Average total cost per hour

The average cost to investigate a reported suspicious email manually (per hour)

Phishing Reporter

The Phishing Reporter widget shows the number of people who have the plugin installed and the number of users who have been active in the previous 4 minutes. Visit this to learn more detailed information about the technical structure of the Phishing Reporter plugin.

Incident Analysis

Reported Email Trends

The Reporter Email Trends widget provides a monthly analysis of the previous 6 months that includes the total number of malicious, phishing, or undetected emails, and the recent trend in activity.

Recently Reported Incidents

The Recently Reported Incidents widget shows the subject line, the status of the analysis (open, closed, in-progress, false-positive), and the result of the analysis (undetected, phishing, malicious, simulation) of the last five suspicious emails reported.

You can click on the title of each reported email to see specific summary information.

Click the All button on the top right of the widget to display all of the reported emails in detail.

Recent Investigations

The Recent Investigations widget shows the subject of the last five investigations, the progress of the investigations (%), and the current status (running, canceled, finished, expired). You can view a summary of the investigation by clicking on an investigation title.

Click the All button at the top right of the widget to go to the Investigations page.

Reporters

The Reporters widget shows the five most reliable users who report suspicious emails to the platform. The reliability score improves when the reported email is confirmed to be a phishing or otherwise malicious message. The reliability score will drop if the reported suspicious email does not contain irrelevant and/or harmful content.

Reliability status is classified as follows:

Very Low

Reliability score of 0-20

Low

Reliability score of 20-40

Medium

Reliability score of 40-60

High

Reliability score of 60-80

Very high

Reliability score of 80-100

You can click the All button at the top right of the widget to see a list of all of the users who have reported suspicious activity to the platform.

Recent Incidents

This widget shows the last five reported email incidents and their results. You can access to the last five reported email incidents with their status and you can click on the related incident to access details.

Top Rules

The Rules box displays the top 5 playbook rules, the criteria used to analyze emails, defined in the Incident Responder platform that was met the most often.

The Incident Analysis widget displays the total number of suspicious emails reported and the number of emails confirmed to be malicious. Visit this for detailed information about the process used to analyze suspicious emails.

💫
document
link
page