Skip to main content

Attack Surface InsightsAttack Surface Insights Guide

View Entity Details

Learn and review details about a specific entity.

To view more details about an entity, select the entity.

In the entity details, you can review all attributes related to the entity. For user entities, you can also review the number of associated open Threat Center cases, a history of the user entity risk score, their associated accounts, and the attributes associated with a specific account. For device entities, you can also review the IP addresses associated with the device.

Available attributes vary based on entity type. For some attributes, you can hover over the attribute to reveal more information or actions.

View User Entity Details

To view details about a user entity, select the user entity. From the details, view:

View User Entity Threat History

Under User Risk Trend, view the cases and alerts associated with a user entity over a period you specify: last seven days, last two weeks, last month, last two months, or last three months:

User Risk Trend showing the time period menu expanded.

To view the number of open cases and alerts created over the specified period, minimize User Risk Trend:

Minimized User Risk Trend.

To view details about the cases and alerts, click <#> cases or <#> alerts:

Minimized User Risk Trend showing the open cases tooltip.
Minimized User Risk Trend showing the alerts tooltip.

To view a line chart of a user entity's risk score over time, expand User Risk Trend. Each point on the line chart represents the highest Threat Center case or alert risk score associated with the user entity on a given day.

Expanded User Risk Trend line chart depicting a user entity's ​risk score​ over the last 7 days.

To view more information about the case or alert with the highest risk score, hover over the point on the line chart:

The User Risk Trend chart showing a specific point on the chart.

To navigate to the case or alert with the highest risk score in Threat Center, click the point.

View User Entity Accounts

You can view all accounts associated with the user entity and the attributes associated with a specific account.

To view all attributes across all accounts, select All Accounts.

The user details for user Barbara Salazar with All Accounts highlighted in a red rectangle.

To view attributes associated with a specific account, select the account from the menu.

The user details for user Barbara Salazar with other associated accounts highlighted in a red rectangle.

To view all linked accounts, under Usernames, click View linked accounts.

User entity details with the View linked accounts action highlighted in a red rectangle.

For each linked account, view:

  • Full name – The printable display name of the user associated with the account.

  • Email address – The email address associated with the account.

  • User name – The user name associated with the account.

  • Security criticality – The security criticality associated with the account.

  • Tags – The tags associated with the account.

  • Department – The department associated with the account.

  • Title – The formal job title of the user associated with the account.

  • Manager – The manager to whom the user reports associated with the account.

  • Lockout – Whether the user is locked out of the account.

  • Is active – Whether the user is currently actively using the account.

  • Current logged endpoint – The endpoint into which the user is currently logged in.

  • Is on VPN – Whether the user is currently connected to VPN.

  • Last seen – The time when the user was last associated with this account.

View Device Entity Details

To view details about a device entity, select the device entity. From the details, view: