Zero Trust

Displays the distribution of applications based on endpoint activity.

Displays approved applications that comply with security policies.

Displays unauthorized or potentially risky applications running on the network.

Ex: bittorrent, gnutella,bitcoin etc

Displays the endpoints of unsanctioned apps, providing visibility into unauthorized applications in the network.

Displays data transmission details for unauthorized apps, showing when and how much data, they send or receive over a specific period to facilitate the detection of suspicious activity.

Displays the list of unnecessary open ports.

Displays the list of allowed Ports to ensure compliance with predefined port security policies.

Provides data to analyze traffic segmentation and confirm policy enforcement.

Displays HTTP error codes, where a high frequency of 4xx errors from a specific host or endpoint may suggest attempts to access unauthorized resources.

Displays the 4xx Error Count to quantify the total number of 4xx errors encountered, helping investigate failed access attempts.

Displays sessions with 4xx errors, helping to ensure that only authorized users can access sensitive resources.

Displays the list of expired SSL/TLS certificates.

Displays the distribution of applications based on the SSL/TLS versions in use.

Displays the list of weak cipher suites in use.

Displays the list of sessions with old SSL/TLS version such as SSLv3, SSLv2.

Displays the Port Spoofing Activity to detect attempts to impersonate legitimate ports for malicious purposes.

Displays DNS activity details, aiding in the detection of suspicious behavior and enhancing network visibility.

Displays the list of DNS queries for suspicious domains.

Provides insights into user authentication, role assignments, and access controls.

Displays the list of top user logins to track frequently logged-in users, ensuring visibility.