Endpoint Detection and Response (EDR) widgets
These widgets show information about the latest incidents and attacks.
The widgets are included under the
Security Operations
category starting in April 2021. You can see the incident details categorized by priority and number of affected devices. You can drill down to view details about a specific item.
These widgets are only available if you subscribe to Symantec Endpoint Security Complete.
You can also include any of these widgets in a custom view.
The following widgets are available:
- Open Incidents KPIShows the total number of open incidents and the number of high, medium, and low open incidents.
- Closed Incidents KPIShows the total number of closed incidents and the number of high, medium, and low closed incidents.
- EDR Endpoint Activity KPIShows the number of endpoint activity recorded enabled devices and the number of endpoint activity recorder disabled devices.
- Top 5 latest IncidentsShows the latest five incidents and number of affected endpoints based on the incident priority (high, medium or low) in the last 24 hrs.Select the incident to view the incident details.
- Top 5 Incidents by Detection Type and SeverityShows the latest five incidents based on Detection Type and Risk in the last 24 hrs.Select the incident to view the incident details.
- Top 5 MITRE ATT&CK® TechniquesShows top 5 MITRE ATT&CK® techniques used to attack the network, discovered in the past 24 hrs. Select the incident to view more details.
- Top 5 MITRE ATT&CK® TacticsShows top 5 MITRE ATT&CK® tactics used in attacks to the network, discovered in the past 24 hrs. Select the incident to view more details.