Users can check and follow the suggestions of the risk events to mitigate them. If everything is handled properly, remember to resolve the risky users and devices with the flag icon in the left. This could lower down the risk score and the organization-wide risk index can go back to the normal level. The Risk Index will be recalculated, at most, every 4 hours.
| If the risk score increased, it means some users or devices in the organization are at high risk. Please find the users or devices in the AT-RISK USERS/DEVICES part of the landing page. | |
|
At-Risk Users/Devices: Users/Devices that maintain a risk score of at least 70 and may be under attack due to high risk event detections. User can Investigate the events by clicking on the User/Device name and take remediation steps or suggested actions if required. Users can take action immediately by clicking the three vertical dots under Action as well. Action
| |
|
Users can Investigate the events by clicking on the User/Device name to get more information and remediations. Users can take action by clicking the three vertical dots on the right side of User/Device name. | |
| After removing the risks, use the Flag button to mark the User/Device as Closed. This helps lower the overall risk index.
|