Risk assessment

Plixer Endpoint Analytics evaluates endpoint risk by applying multiple assessment methods to the data collected by the system.

Endpoints are assigned an overall risk level based on the following risk assessment methods and solutions:

Identity-Based Risk: Identity	Based on security vulnerability information associated with the endpoint’s assigned profile
Identity-Based Risk: OS	Based on security vulnerability information associated with the endpoint’s operating system
Duplicate MAC	Based on the detection of identical MAC addresses at multiple wired locations (expires after 24 hours) or both wired and wireless (persistent)
Tenable	Based on highest endpoint risk vulnerability discovered by a Tenable.io (if enabled) For additional information and configuration instructions, see the subsection on Tenable.io integration.
Microsoft Defender	Based on highest endpoint risk vulnerability reported by Microsoft Defender (if enabled) For additional details and configuration instructions, see the subsection on Microsoft Defender integration.

The overall risk level and individual risk scores by assessment are listed under the Endpoints > Risk view.