
Alerts Dashboard

    The alerts dashboard provides insight into your organization's security landscape. Although every alert is handled by the Samurai Security Operation Center (SOC), the dashboard gives you visibility into the volume of alerts that potentially lead to validated threats, which are reported to you as security incidents. It also provides transparency by categorizing alerts by detection engine and highlighting the top threat signatures. You do not need to act on these alerts; the information demonstrates the scale and effectiveness of the Samurai MDR service.

    Outlined below are examples and an explanation of each panel within the dashboard:

    Note: Select the time period to adjust all panels in the dashboard; the results can cover up to the last 12 months of alert data. Hover over any area of a bar or chart to see the specific time period and totals.

    Monitoring, Detection and Response summary

    The funnel shows the telemetry (events) ingested by the Samurai platform from your configured integrations, the security detections (alerts) raised by the Samurai platform detection engines and third-party vendors, which are triaged and investigated by the Samurai SOC, and the number of security incidents reported to your organization. The funnel reflects the value of the service in terms of the data analyzed, with the focus on detecting and reporting threats to your organization.

    funnel.png

    Figure 1: Example summary

    Number of alerts

    The total number of alerts analyzed by the Samurai platform and SOC analysts.

    alerts.png

    Figure 2: Example number of alerts

    Number of unique signatures

    The total number of unique alert signatures.

    signatures.png

    Figure 3: Example unique signatures

    Alerts per detection method

    Donut chart showing alerts per detection method. For a brief explanation of the detection engines, refer to Alerts.

    detection_method.png

    Figure 4: Example alerts per detection method chart

    Alerts timeline per detection method

    Bar graph showing alerts over the time period per detection method.

    alerts_timeline.png

    Figure 5: Example alerts timeline per detection method graph

    Top 10 signatures

    Top 10 alert signatures from all detection methods.

    top10_signatures.png

    Figure 6: Example top 10 signatures

    Top 10 signatures for Hunting Engine

    Top 10 alert signatures for the Samurai hunting engine.

    top10_signatures_huntingengine.png

    Figure 7: Example top 10 signatures for hunting engine

    Top 10 signatures for Real-time Engine

    Top 10 alert signatures for the Samurai real-time engine.

    top10_signatures_realtimeengine.png

    Figure 8: Example top 10 signatures for real-time engine

    Top 10 signatures for vendor

    Top 10 alert signatures from your vendor product integrations.

    top10_signatures_vendor.png

    Figure 9: Example top 10 signatures for vendor
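The panels above are all aggregations over the same alert records: a funnel of events to alerts to incidents, a unique-signature count, a per-engine breakdown, a monthly timeline, and top-N signatures overall and per engine. The following is an added example (not Samurai's own code, and it does not use any Samurai API) that reproduces those panel values from a hypothetical alert export. The record layout (`date`, `engine`, `signature`, `incident`), the engine names and the sample records and event count are all constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import date, timedelta

# Constructed sample alert records standing in for an alert export; not real
# Samurai data. "engine" is the detection method that raised the alert and
# "incident" marks alerts the SOC validated and reported as a security incident.
SAMPLE_ALERTS = [
    {"date": "2024-01-05", "engine": "hunting",   "signature": "SIG-A", "incident": False},
    {"date": "2024-01-20", "engine": "hunting",   "signature": "SIG-A", "incident": True},
    {"date": "2024-02-02", "engine": "real-time", "signature": "SIG-B", "incident": False},
    {"date": "2024-02-10", "engine": "real-time", "signature": "SIG-C", "incident": False},
    {"date": "2024-02-11", "engine": "vendor",    "signature": "SIG-D", "incident": False},
    {"date": "2024-02-28", "engine": "vendor",    "signature": "SIG-D", "incident": True},
    {"date": "2024-03-03", "engine": "hunting",   "signature": "SIG-E", "incident": False},
    {"date": "2024-03-15", "engine": "real-time", "signature": "SIG-B", "incident": False},
]

# Constructed count of ingested events for the same period (top of the funnel).
SAMPLE_EVENTS_INGESTED = 1_250_000


def in_period(alerts, start, end):
    """Keep alerts whose date falls within [start, end] (the dashboard time selector)."""
    return [a for a in alerts if start <= date.fromisoformat(a["date"]) <= end]


def funnel_summary(events_ingested, alerts):
    """Events -> alerts -> incidents, the three stages of the MDR summary funnel."""
    return {
        "events": events_ingested,
        "alerts": len(alerts),
        "incidents": sum(1 for a in alerts if a["incident"]),
    }


def unique_signature_count(alerts):
    """Number of distinct alert signatures seen in the period."""
    return len({a["signature"] for a in alerts})


def alerts_per_detection_method(alerts):
    """Counts per detection engine, the data behind the donut chart."""
    return dict(Counter(a["engine"] for a in alerts))


def alerts_timeline(alerts):
    """Month -> engine -> count, the data behind the per-engine bar timeline."""
    timeline = defaultdict(Counter)
    for a in alerts:
        timeline[a["date"][:7]][a["engine"]] += 1   # "YYYY-MM" bucket
    return {month: dict(counts) for month, counts in sorted(timeline.items())}


def top_signatures(alerts, n=10, engine=None):
    """Top-N signatures overall, or restricted to one detection engine."""
    selected = alerts if engine is None else [a for a in alerts if a["engine"] == engine]
    return Counter(a["signature"] for a in selected).most_common(n)


if __name__ == "__main__":
    end = date(2024, 3, 31)
    start = end - timedelta(days=365)   # the dashboard offers up to 12 months
    alerts = in_period(SAMPLE_ALERTS, start, end)
    print("funnel:", funnel_summary(SAMPLE_EVENTS_INGESTED, alerts))
    print("unique signatures:", unique_signature_count(alerts))
    print("per detection method:", alerts_per_detection_method(alerts))
    print("timeline:", alerts_timeline(alerts))
    print("top 10 overall:", top_signatures(alerts))
    for engine in ("hunting", "real-time", "vendor"):
        print(f"top 10 for {engine}:", top_signatures(alerts, engine=engine))
```

The time-period filter is applied once and every panel is computed from the same filtered list, which is what keeps the panels consistent with each other when the selector changes.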