This report contains information that provides an overview of collected events. This provides the analyst with many different methods to quickly locate actionable context in your data. Its counterpart is the Event Analysis Dashboard.
This report displays incident response details on Systems that have been found in your environment to have active intrusion events. Intrusion events are events that are triggered by plugin 800125 - Long Term Intrusion Activity, or 800017 - Intrusion Statistics..
This Report and all associated components require the following:
This report leverages the Tenable FireEye Best Practices Audit, and Dynamic Asset to provide security settings and other useful information on FireEye device configuration to an administrator.
This report displays CVE vulnerability information. The first section of the report provides graphical CVE summary results in 5 year blocks by severity. It is followed by a CVE Trend over the last 90 days, a mitigated CVE total bar chart, and a pie chart of existing CVE severity vulnerabilities for the last 5 years.
Chapter two displays a table of all CVE Vulnerabilities by CVE ID, the severity, and number of hosts/totals that contain the vulnerability.
Three charts are presented:
This report displays details on Administrator accounts that have been found in your environment via LCE and active Nessus scanning.
Provided are details on:
This can be easily configured to your own environment if required by altering the filter for vulnerability text.
This report leverages the Tenable FortiGate Best Practices Audit and other plugins to provide security settings and other useful information on FortiGate device configuration to an administrator.
Security settings included in this audit: