Risk view displays the Devices and Users ordered by Risk. Risk is calculated based on the triggering incidents using a proprietary algorithm that incorporates asset criticality, incident severity, frequency of incident occurrence, and vulnerabilities found. Risk is only computed for devices in CMDB, private IP addresses, and users found in logs or discovered via LDAP.

Go to INCIDENTS > Risk to see this view. Risk can set as the default view by selecting User Profile > UI Settings then choosing Incidents from the Home drop-down list and Risk from the Incident Home drop-down list.

Devices and Users are categorized by Risk as follows:

• Devices - number of devices with Risk
• Users - number of users with Risk
• High Risk - number of devices and users with high risk
• Medium Risk - number of devices and users with medium risk
• Low Risk - number of devices and users with low risk

To see only the above categories of devices and users in the Risk View, click any of the five categories above.

The Risk View displays the following:

• Device or User name
• Current Risk - Current value, up or down versus the same period
• 24 Hour Risk Trend
• Incidents in Last 24 hours

To drill down, click one row and the incidents that led to this risk are shown in a time line format. You can select an incident, and select any action from the Actions menu. The actions are similar to those described for the List View.