Default dashboard

Default dashboard

The default dashboard includes five widgets, most of which are focused on detection activity. You can use the dashboard as both an analytical and operational tool to view and act on the most important threats on your system.

Default Dashboard

Widget	Description
MITRE ATT&CK	Detections are organized based on the MITRE ATT&CK® framework. There are two bars for every detection activity: The left bar will show detections from previous time period. The right bar will show detections from current time period. The column names may differ depending on the coverage on each account,. Click the dates at the top of the widget to filter the chart by the previous and current weeks. Hover over the bars in the chart to view the discover counts. Click the bars in the chart to open the Detections Table. See, Detections Table.
Observation	Highlights observations (advanced correlations of multiple events by the FortiNDR Cloud backend.) Each observation will have different context variables that will show up. You can click the Observation Title to pivot to observation detail page. Click the bullet next to the observation name to filter the chart. Each column header is clickable. Hover over the data points in the graph to view detailed information about the observation. Click the items in the legend to hide or show lines in the chart. Use the Confidence dropdown to filter observations based on the confidence level (All, High, Moderate or Low). Under Observation Title, click the individual observation titles to view the observation detail page. See Observation detail page.
Notable Detection Rules	Highlights active rules with the highest severity and detection count.
Investigations	Highlights investigations with the most recent activity. The table is sorted by Last Modified. Any investigations that are modified appear at the top. Click Investigations to open the Investigations page. See Investigations. Click an investigation name to open the Investigation Details page. Hover over Last Modified By or Name to view more information.
Resolved Detections	Displays daily resolved detection counts over time to highlight changes in activity (Total, Average and Maximum). You can click a data point in the chart or the Total detections, to view the resolved detections in the Defections Table.

Default dashboard

Default Dashboard

Widget	Description
MITRE ATT&CK	Detections are organized based on the MITRE ATT&CK® framework. There are two bars for every detection activity: The left bar will show detections from previous time period. The right bar will show detections from current time period. The column names may differ depending on the coverage on each account,. Click the dates at the top of the widget to filter the chart by the previous and current weeks. Hover over the bars in the chart to view the discover counts. Click the bars in the chart to open the Detections Table. See, Detections Table.
Observation	Highlights observations (advanced correlations of multiple events by the FortiNDR Cloud backend.) Each observation will have different context variables that will show up. You can click the Observation Title to pivot to observation detail page. Click the bullet next to the observation name to filter the chart. Each column header is clickable. Hover over the data points in the graph to view detailed information about the observation. Click the items in the legend to hide or show lines in the chart. Use the Confidence dropdown to filter observations based on the confidence level (All, High, Moderate or Low). Under Observation Title, click the individual observation titles to view the observation detail page. See Observation detail page.
Notable Detection Rules	Highlights active rules with the highest severity and detection count.
Investigations	Highlights investigations with the most recent activity. The table is sorted by Last Modified. Any investigations that are modified appear at the top. Click Investigations to open the Investigations page. See Investigations. Click an investigation name to open the Investigation Details page. Hover over Last Modified By or Name to view more information.
Resolved Detections	Displays daily resolved detection counts over time to highlight changes in activity (Total, Average and Maximum). You can click a data point in the chart or the Total detections, to view the resolved detections in the Defections Table.

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

User Guide

Default dashboard

Default dashboard

Default dashboard