Incident Responder Widgets
Your license model determines which widgets are available on the Dashboard page.
Investigations
The Investigations widget displays a summary of the number of automated and manual investigations your company has launched.
Click the (icon symbol) button in the upper right corner of the widget to see detailed information about all of the investigations.
You can visit this document for detailed information about investigations.
ROI Summary
This widget summarizes the estimated return on investment, or savings achieved using the Incident Responder product.
For this feature to produce accurate results, you will need to enter the time and cost information specific to your business.
Go to the Incident Responder > Incident Responder page and click the Settings button at the top right of the ROI Summary window and provide the following elements for the calculation:
Average hours saved per reported email | The average time spent investigating a reported suspicious email manually (per email) |
Average total cost per hour | The average cost to investigate a reported suspicious email manually (per hour) |
Phishing Reporter
The Phishing Reporter widget shows the number of people who have the plugin installed and the number of users who have been active in the previous 4 minutes. Visit this link to learn more detailed information about the technical structure of the Phishing Reporter plugin.
Incident Analysis
The Incident Analysis widget displays the total number of suspicious emails reported and the number of emails confirmed to be malicious. Visit this page for detailed information about the process used to analyze suspicious emails.
Reported Email Trends
The Reporter Email Trends widget provides a monthly analysis of the previous 6 months that includes the total number of malicious, phishing, or undetected emails, and the recent trend in activity.
Recently Reported Incidents
The Recently Reported Incidents widget shows the subject line, the status of the analysis (open, closed, in-progress, false-positive), and the result of the analysis (undetected, phishing, malicious, simulation) of the last five suspicious emails reported.
You can click on the title of each reported email to see specific summary information.
Click the All button on the top right of the widget to display all of the reported emails in detail.
Recent Investigations
The Recent Investigations widget shows the subject of the last five investigations, the progress of the investigations (%), and the current status (running, canceled, finished, expired). You can view a summary of the investigation by clicking on an investigation title.
Click the All button at the top right of the widget to go to the Investigations page.
Reporters
The Reporters widget shows the five most reliable users who report suspicious emails to the platform. The reliability score improves when the reported email is confirmed to be a phishing or otherwise malicious message. The reliability score will drop if the reported suspicious email does not contain irrelevant and/or harmful content.
Reliability status is classified as follows:
Very Low | Reliability score of 0-20 |
Low | Reliability score of 20-40 |
Medium | Reliability score of 40-60 |
High | Reliability score of 60-80 |
Very high | Reliability score of 80-100 |
You can click the All button at the top right of the widget to see a list of all of the users who have reported suspicious activity to the platform.
Top Rules
The Rules box displays the top 5 playbook rules, the criteria used to analyze emails, defined in the Incident Responder platform that was met the most often.
Last updated