Release Notes for Forcepoint TRITON AP-DATA v8.2.5 : New in TRITON AP-DATA v8.2.5
Endpoint support for XenApp
Risk score - The risk score assigned to the case, from 0 to 10, with 10 being the highest risk. This score is derived by the analytics engine and can be used to assess the security risks in your organization. Scores are based on data accumulated over time. An incident with a score of 2.5 may not pose a high risk on Monday, but when combined with other incidents from the same source over the week, it might be assigned a higher score.
Classification - Cases are classified as one of 2 things:
Suspected data theft - the incidents in this case may indicate an attempt to steal sensitive data. This is based on factors such as statistical information, user and system profiling, the sensitivity of the data, and the risk this incident may impose on the organization.
Uncategorized (unknown) - the incidents in this case do not fall into the Suspected Data Theft classification.
Reasons - Each case lists reasons why the case is included in the report. For example, in the case above, there was a data theft breach and a large number of files. Some descriptions show classification accuracy. Red up arrows indicate that an incident increases a case's risk score. Green down arrows indicate that an incident lowers the risk score.
Case ID - Each case has a unique ID, such as ID:163840.
Date & Time - The date and time of the last incident that was added to the case. To see incident risk cases for other dates, use the time line shown above the case cards. Click a date to display incidents that occurred on that date. Use the scroll bar to see incidents for the previous week. The time line also shows the number of incidents scoring above the selected threshold each day.
Next/Previous Page - Click this button to see the next page of the card for more details. The content varies by case. The second page shows the source and destinations relevant to the case (those that pose a risk) and any files that are involved.
Number of incidents - The number of incidents in the case is shown as a link. Click this link to drill down to the current Incidents report, filtered according to the case, so you can investigate the incidents further.
HTTP/S - analyzes data being posted to the Web via Internet Explorer, Edge, Chrome, or Firefox browsers.
Email - analyzes email messages sent from endpoint users, even if they send them to external Web mail services such as Yahoo.
Print - monitors data being sent from an endpoint machine to a local or network printer. The system supports drivers that print to a physical device, not those that print to file or PDF.
Application file access - monitors access to files in supported applications. Cloud are supported if accessed through Firefox.