Incident Responder Widgets
Your license model determines which widgets are available on the Dashboard page.
Investigations
The Investigations widget displays a summary of the number of automated and manual investigations your company has launched.
Click the (icon symbol) button in the upper right corner of the widget to see detailed information about all of the investigations.
You can visit this document for detailed information about investigations.
ROI Summary
This widget summarizes the estimated return on investment, or savings achieved using the Incident Responder product.
For this feature to produce accurate results, you will need to enter the time and cost information specific to your business.
Go to the Incident Responder > Incident Responder page and click the Settings button at the top right of the ROI Summary window and provide the following elements for the calculation:
Average hours saved per reported email
The average time spent investigating a reported suspicious email manually (per email)
Average total cost per hour
The average cost to investigate a reported suspicious email manually (per hour)
Phishing Reporter
The Phishing Reporter widget shows the number of people who have the plugin installed and the number of users who have been active in the previous 4 minutes. Visit this link to learn more detailed information about the technical structure of the Phishing Reporter plugin.
Incident Analysis
The Incident Analysis widget displays the total number of suspicious emails reported and the number of emails confirmed to be malicious. Visit this page for detailed information about the process used to analyze suspicious emails.
Reported Email Trends
The Reporter Email Trends widget provides a monthly analysis of the previous 6 months that includes the total number of malicious, phishing, or undetected emails, and the recent trend in activity.
Recently Reported Incidents
The Recently Reported Incidents widget shows the subject line, the status of the analysis (open, closed, in-progress, false-positive), and the result of the analysis (undetected, phishing, malicious, simulation) of the last five suspicious emails reported.
You can click on the title of each reported email to see specific summary information.
Click the All button on the top right of the widget to display all of the reported emails in detail.
Recent Investigations
The Recent Investigations widget shows the subject of the last five investigations, the progress of the investigations (%), and the current status (running, canceled, finished, expired). You can view a summary of the investigation by clicking on an investigation title.
Click the All button at the top right of the widget to go to the Investigations page.
Reporters
The Reporters widget shows the five most reliable users who report suspicious emails to the platform. The reliability score improves when the reported email is confirmed to be a phishing or otherwise malicious message. The reliability score will drop if the reported suspicious email does not contain irrelevant and/or harmful content.
Reliability status is classified as follows:
Very Low
Reliability score of 0-20
Low
Reliability score of 20-40
Medium
Reliability score of 40-60
High
Reliability score of 60-80
Very high
Reliability score of 80-100
You can click the All button at the top right of the widget to see a list of all of the users who have reported suspicious activity to the platform.
Top Rules
The Rules box displays the top 5 playbook rules, the criteria used to analyze emails, defined in the Incident Responder platform that was met the most often.
Last updated