Cisco Secure Endpoint Reporting

219 Views
Published
Reporting is a feature that helps to understand the current state of the organisation. Reports can be view and configured from Analysis -- Reports tab.

The system-defined reports, that include statistics for all configured groups, are generated automatically over one-week, one-month and quarterly period. In case you need to create your own reports, navigate to the Reports Tab, and configure custom reports for specific groups, over the respective period.

Reports contain the following sections:
- Active Connectors:
- Deployment Status
- Compromises
- File Detections
- Network Detections
- Low Prevalence Executables
- Threat Root Cause
- Vulnerabilities
- Successful Quarantines
- Retrospective Detections
- Retrospective False Positives
- Indications of Compromise

As a best practice, you can configure the notifications for reports to be emailed to you.

Visit the following resources for more information:

- Security ATXs/ACCs:
https://learningnetwork.cisco.com/s/atx-integrated-secure-operations

- Endpoint Protection self-guided journey page:
https://www.cisco.com/c/m/en_us/products/security/advanced-malware-protection/setup-guide.html

- Cisco Video:
https://video.cisco.com/video/6241610161001
Category
Cisco Systems
Be the first to comment