Exposure Widgets
Epiphany's dashboard includes widgets to measure exposure on devices, users, groups, and high-value applications.
Last updated
Epiphany's dashboard includes widgets to measure exposure on devices, users, groups, and high-value applications.
Last updated
Most dashboard widgets will provide helpful information as to their purpose if you roll your mouse over the Information icon .
Epiphany's exposure widgets provide information to help you identify which of your devices, groups, users, or high-value applications are at risk of exposure to an attacker.
The exposure widgets show information about the number of exposed devices, groups, users, or high-value applications. These widgets show information in a similar way.
This is how the elements of each Exposure widget work:
The number in the circle is the number of exposed items. You can roll your mouse over the circle to display a key for what the colors in the circle mean.
Click on the number in the circle or on a color in the circle to display further details about the exposed item.
The tiny circles represent dates. Click on one of these circles to see the date change at the bottom of the widget, and the number in the circle as well as the colors change to represent that date.
The circle for the selected date is shown in yellow.
There is a bar graph directly above the date. It shows change over time for that date.
Exposed Devices tracks the number of devices present in attack paths. It shows how many devices are potentially exposed to an attacker if that path is leveraged.
The number in the circle is the number of exposed devices.
Click on the circle to display further details about each exposed device: the device Name, the number of attack paths it is Present In, the number of Prizes on the device, Groups exposed, and the data Sources that are reporting about the device.
Exposed Groups tracks the number of groups (if the connected identity data source has them) that are present in attack paths, just like Exposed Devices.
The number in the circle is the number of exposed groups.
Click on the circle to display information about each exposed group: the group Names, how many devices the group provides Admin Rights to, how many Users are part of the group, and what identity Source is providing information about the group.
Exposed Users gives you visibility into the risk a particular identity in an attack path poses to your environment from all the identity sources connected to Epiphany.
The number in the circle is the number of exposed users.
Click on the circle to display information about each exposed user: the user's Name, how many devices they're Found On, how many devices they have direct and inherited (through a group membership) Admin Rights to, their Group memberships (select Details to see this), and the data Source reporting information about the user.
High Value Applications is one of Epiphany's default methods for targeting attack paths and understanding key areas of potential material impact. Epiphany attempts to build attack paths to control systems (such as domain controllers), communications systems (such as exchange servers), and data storage locations (such as SQL, Oracle, EC2, etc.) to give you an understanding of how many unique systems are directly in the path of the attacker.
The number in the circle is the number of high-value applications in an attack path.
Click on the number (116 in the image) or on a color in the circle to display information about each high value application in an attack path: the Name of the application, which device it is Found On, the number of attack Paths leading to it, and when it was found (Last Seen).
