Risk assessment

Plixer Endpoint Analytics evaluates endpoint risk by applying multiple assessment methods to the data collected by the system.

Endpoints are assigned an overall Risk Level based on the following assessment risk assessment methods and solutions:

Identity-Based Risk: Identity

Based on security vulnerability information associated with the endpoint’s assigned Profile

Identity-Based Risk: OS

Based on security vulnerability information associated with the endpoint’s operating system

Duplicate MAC

Based on the detection of identical MAC addresses at multiple wired locations (expires after 24 hours) or both wired and wireless (persistent)

Tenable

Based on highest endpoint risk vulnerability discovered by a Tenable.io (if enabled)
For additional information and configuration instructions, see the subsection on Tenable.io integration.

Microsoft Defender

Based on highest endpoint risk vulnerability reported by Microsoft Defender (if enabled)
For additional details and configuration instructions, see the subsection on Microsoft Defender integration.

The overall Risk level and individual risk scores by assessment are listed under the Endpoints > Risk view.