Mail threats graph

The Mail threats graph provides a graphical overview of the various threats detected in the mail messages analyzed by the server. The information is displayed in a layered circle.

• The innermost ring represents the three different types of threats:

  • Malicious mail messages contains attachments or URLs that have been determined to be critical. These mail messages are displayed in red.

  • Suspicious mail messages have been determined to be of medium risk. The threats they contain, while indicating a potential risk, do not need immediate attention. These mail messages are displayed in orange.

  • Benign mail messages are considered low or no risk. These mail messages are displayed in blue.

• The middle ring displays the threat class together with the number of relevant threats for each type. Threat classes include malicious downloads, malicious URLs, etc.

• The outer ring represents the individual threat families that have been detected in the messages. Threat families include malicious binary files, malicious PDF files, malicious URLs, etc.

The widget displays the threat name and a count of occurrences of this threat when you hover your mouse over the graph.

When you click on an item in the graph, it zooms in and displays more details about the selected information type. Clicking again will zoom back out.

If you click an incident type in the inner ring, the graph zooms to display the matching threats in the middle and outer ring. If you click a threat class in the middle ring, the graph zooms to display the matching threat families. If you click the outer ring, the graph zooms to display details about the selected threat.

The legend on the right side of the widget provides a count of the occurrences of the most frequent threats. When you hover your mouse over an item in the legend, a pop-up gives further information about the threat class and the number of incidents. Clicking on the item zooms the graph for the selected threat type and provides more contextual information.