Topology View — Consolidated Risk
The new Consolidated Risk View in the Security Fabric Topology displays different risks within the topology view. The filter considers threats originating from different components including:
- IOC Detections
- Threat Score
The topology shows endpoints based on their highest severity event. Details are available in the tooltips. Administrators can also filter by risk type or severity.
This version adds two improvements for topology pages:
- Add the ability to highlight hosts with critical vulnerabilities along with compromised hosts as Critical Risks in the default topology view. You can also view Critical Risk devices in the right pane.
- Consolidate the Vulnerability, Threat Score, and 'IOC Score view into a new view mode called Risk view.
In Security Fabric > Physical Topology, the default topology view highlights hosts with critical vulnerabilities along with compromised hosts as Critical Risks.
Click Critical Risks to view critical risk devices in the right pane.
Using View mode Risk with Risk Type All.
Using View mode Risk with Risk Type Compromised Hosts.
Using View mode Risk with Risk Type Vulnerability.
Using View mode Risk with Risk Type Threat Score.