Risk assessment¶
Plixer Endpoint Analytics evaluates endpoint risk by applying multiple assessment methods to the data collected by the system.
Endpoints are assigned an overall Risk Level based on the following assessment risk assessment methods and solutions:
Identity-Based Risk: Identity |
Based on security vulnerability information associated with the endpoint’s assigned Profile |
Identity-Based Risk: OS |
Based on security vulnerability information associated with the endpoint’s operating system |
Duplicate MAC |
Based on the detection of identical MAC addresses at multiple wired locations (expires after 24 hours) or both wired and wireless (persistent) |
Tenable |
Based on highest endpoint risk vulnerability discovered by a Tenable.io (if enabled)
For additional information and configuration instructions, see the subsection on Tenable.io integration.
|
Microsoft Defender |
Based on highest endpoint risk vulnerability reported by Microsoft Defender (if enabled)
For additional details and configuration instructions, see the subsection on Microsoft Defender integration.
|
The overall Risk level and individual risk scores by assessment are listed under the Endpoints > Risk view.