Skip to main content

Using the Insights Dashboard

The Insights page provides a preview of a dashboard feature that provides a management view over all enterprise devices, with a sample page view.

mobile-security-console-insights.PNG

  • Device Pool - The pie graph shows the distribution of devices with the app activated and protected, with pending activation statuses.

  • Critical Devices - The number of devices with one or more critical threats over the last 90 days is shown.

  • Risky Devices - The number of devices with one or more risky events over the last 90 days is shown.

  • OS Risk - Android and iOS devices are vulnerable due to outdated and vulnerable operating system versions, and must be updated to remove this risk.

  • Current Security Score - The current security score across all devices is based on an assessment of the Mobile Security app activation, risks, and threats. It increases as the activation of the app increases and as device risks and threats decrease.

    Note

    The security score calculation is based on Device Pool, Critical Devices, Risky Devices, and OS Risk data. It does not include the number of devices that had critical threats and risky events over the last 90 days. This score is calculated using data from the previous day.

  • Security Score Trend - A security score graph can be displayed over a daily, weekly, or monthly time frame.

  • Key Features - The enabled or disabled status values for key features of the solution, such as MDM Integration and Advanced App Analysis.

  • Top Critical Events - The top five critical threats are sorted based on the number of events occurring over the last 90 days.

  • Top Risky Events - The top five risky events are sorted based on the number of events occurring over the last 90 days.

The critical threats shown in the Insights Dashboard

The threats categorized as critical threats in the Insights dashboard display are:

  • Android Device - Possible Tampering

  • App Tampering

  • Device Jailbreaking/Rooting

  • MITM - SSL Strip

  • Rogue Access Point

  • SELinux Disabled

  • Site Insight - Link Visited

  • Suspicious Android App

  • Suspicious iOS App

  • System Tampering

  • Untrusted Profile

Risky events in the Insights Dashboard

The events categorized as risky events in the Insights dashboard display are:

  • Android Debug Bridge (ADB) Apps Not Verified

  • Android Device - Compatibility Not Test By Google

  • BlueBorne Vulnerability

  • Daemon Anomaly

  • Developer Options

  • Device Encryption

  • Device Pin

  • Google Play Protect Disabled

  • MITM - Fake SSL certificate

  • Rogue Access Point: Nearby

  • Sideloaded App(s)

  • Site Insight - Link Tapped

  • Stagefright Vulnerability

  • Suspicious Profile

  • Unknown Sources Enabled

  • USB Debugging Mode

  • Mobile security app is not activated on both work and personal profiles - Android for Work

Key features

The key features section shows a summary of the enabled or disabled status values for key features of the solution. These features show status for:

  • MDM Integration - This is enabled if there is at least one MDM integration set up in Mobile Security Console.

  • SIEM Integration - This is enabled if there is at least one SIEM integration setup in the Manage > Integrations > Data Export section of Mobile Security Console or with the Syslog pull integration.

  • Advanced App Analysis - This is enabled if z3A is enabled for the enterprise.

  • Phishing Detection - This is enabled in the key features of URL sharing or VPN-based phishing is enabled for at least one group within Mobile Security Console.

  • App Policy - This is enabled if at least one app policy has been created under the Policy page.

In this section: