The Execute Report provides your executive team with regular updates regarding your organization's threat activities. You can use the Executive Report to provide monthly visibility into recently infected endpoints, the domains that targeted them, and open high and medium incidents. The report can show the trends that occurred during this period based on your efforts to remediate threats, and then communicate any mitigation plans.

The Executive Report is available in PDF format. You can run the Executive Report on-demand, or you can create a schedule to run it at regular intervals. When you run or schedule the report, you can specify recipients to whom you want it emailed. Recipients can also download it from the Symantec EDR console.

Note:

The Executive Report is designed to provide you with a trend analysis of your threat activity for the 30 days before its run date. Do not use it as a tool for identifying and responding to threats in real time.

Table: Sections of the Executive Report

Section

Description

Recently Infected Endpoints

Charts and summarizes the number of endpoints that were infected based on whether the infections were:

  • Detected on endpoints without SEP

    SEP does not protect these endpoints. The infected files on these endpoints are detected only by network-based threat detection technologies.

  • Detected on endpoints with SEP

    SEP protects these endpoints. Network and endpoint-based threat detection technologies detect infected files on these endpoints.

Domains Showing Threat Behavior

Charts and summarizes the number of malicious domains that targeted your endpoints based on the following types:

  • Malware

    A virus that you download onto your computer that runs without your knowledge. It is designed to steal your personal information, or to use your computer to attack other computers.

    Vantage or IPS may trigger the following classes of malicious signature-based domains:

    • Web Attack: Fake Scan Webpage 16

    • System Infected: Trojan.Cryptolocker.N Activity 3 detected

  • Botnet

    A type of malware on your computer that an attacker controls. The attacker can send instructions to the bot to perform various tasks, such as collect data, or monitor your actions.

  • Fraud

    A fraudulent website that an attacker hosts that resembles a trustworthy website, such as Facebook.

    Vantage or IPS may trigger the following class of a malicious signature-based domain:

    • Web Attack: Facebook Manual Share 35

  • Phishing

    An email that appears to come from a reliable source that includes a malicious link to a forged website. This site is designed to get you to reveal confidential information, such as your bank account number and password or credit card number.

  • Attack

    An attack that occurs when you visit a malicious website that deceives you into performing some action (such as updating your browser).

    Vantage or IPS may trigger the following class of a malicious signature-based domain:

    • Web Attack: Fake Scan Webpage 7

Note:

If a domain infected more than one asset on a given day, that domain is counted only once for that day.

High and Medium Open Incidents

Charts the number of high and medium incidents that are still open for the days on which they were opened. Also lists the 10 most recent incidents opened.

High and medium incidents are defined as:

  • High

    The incident can result in a business outage, loss of data, or have a severe impact on your business.

  • Medium

    The incident may have an impact on the business. And the use of the system in question might need to be limited while you address the incident.

Note:

The incidents are listed based on their priority (High followed by Medium), and then by date on which they were created.

See How you can use the Executive Report

See About Reports

See Generating reports

See Viewing generated reports

See Creating scheduled reports

Legacy ID: v118156224_v128921691

Thanks for your feedback. Let us know if you have additional comments below. (requires login)

    © 1995-2020 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.