A security incident is any event or situation wherein there is an attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. The widgets in the Huntress Monitoring Dashboard group detected incidents in the following sections:

  • Active Incidents - These incidents are currently in progress or have recently been detected and are actively being addressed by the organization's security team. Active incidents require immediate attention and response.  
    • Active Incidents - This widget shows the total number of active incidents encountered. 
    • Active Low Severity Incidents - This widget shows the number of incidents with minimal impact on the organization's operations or security. Examples are low-risk spam emails, minor website defacement, and isolated incidents of unauthorized access with no sensitive data exposure. 
    • Active High Severity Incidents - This widget shows high-severity incidents that cause substantial impact on business operations and may lead to moderate financial losses. While they are significant, they may not immediately threaten the overall stability or survival of the organization. They require prompt action and response to prevent further escalation and minimize damage.
    • Active Critical Incidents - This widget shows the number of incidents that have a catastrophic impact on the organization's operations and security. These incidents pose a substantial threat to data, systems, or services and require immediate action. Examples are major data breaches, advanced persistent cyberattacks, full network outages, unauthorized access to sensitive data, and severe malware infection with widespread impact.
  • Resolved Incidents - These incidents were detected at a given time and were resolved by the security team.
    • Incidents Resolved - This is the total number of resolved incidents encountered. 
    • Incidents Resolved - Current Month 
    • Incidents Resolved - Current Quarter
    • Incidents Resolved - Current Year
  • Agent Status - This section of the dashboard shows the number of agents being monitored and their status. 
    • Total Agents - This widget shows the total number of agents being monitored in the dashboard. 
    • Outdated Agents - This widget shows the number of agents with outdated machines or software and are thus vulnerable to incidents.
    • Reported Footholds and Other Indicators - This widget shows the number of virtual spots secured by the attacker in an environment or machine. These footholds allow the attacker to maintain access through system disruptions.
