Security Incidents Overview

The Security Incidents Overview page provides a dashboard that shows the number of computers and devices (including Windows, Mac, Android, and Linux devices) in the client account, and the security incidents on devices that have WatchGuard Endpoint Security products installed.

Click the name of a client account to view statistics and manage the devices in the account.

Click a threat count indicator to view the threat details in a report. For more information, go to the Reports section in Manage Clients with the Endpoint Security Plug-In in ConnectWise Automate.

You can filter the threat count data based on these time periods:

  • Last 24 hours
  • Last 7 days
  • Last month

Screenshot of the Security Incidents Overview in the WatchGuard Endpoint Security plug-in

The Security Incidents overview page includes these columns:

  • Client — The name of the client account. To view more detailed information about the client and the devices in the account, click the client name. For more information, go to Manage Clients with the Endpoint Security Plug-In in ConnectWise Automate.
  • WatchGuard Computers — The number of computers and devices in the client account.
  • The first number is the number of computers and devices in the client account that have WatchGuard Endpoint Security products installed.
  • The second number in parenthesis is the total number of computers and devices that are registered in ConnectWise. This includes both devices that do and do not have WatchGuard Endpoint Security products installed.

The number of devices reported by ConnectWise and WatchGuard might differ because of their different discovery processes.

  • Malware — The number of incidents of malware on devices in the client account. Malware is software intended to damage the contents of a computer or allow unauthorized access.
  • PUPs — The number of incidents of potentially unwanted programs (PUPs) on devices in the client account. PUPs can include unwanted programs installed by the user or tools used by hackers to gain access to target computers.
  • Programs Blocked — The number of incidents of blocked programs on devices in the client account.
  • Phishing — The number of phishing incidents on devices in the client account. Phishing is a technique to obtain confidential information, such as user names and passwords or financial information from users.
  • Intrusion attempts blocked — The number of intrusion attempts blocked on devices in the client account.
  • Devices blocked — The number of devices that were blocked in the client account. A device is blocked after a user tries to use a restricted device.
  • Malware URLs blocked — The number of malware URLs that were blocked on devices in the client account. Malware URLs are web addresses of pages that contain malware.
  • Exploits — The number of incidents of exploit attacks that compromised or tried to compromise trusted programs on computers.
  • Indicators of Attack (IOA) — The number of confirmed incidents that are highly likely to be an attack.

Related Topics

WatchGuard Endpoint Security in ConnectWise Automate Interface Overview

About the WatchGuard Endpoint Security Plug-in for ConnectWise Automate