Use the Clarity Dashboard

The Clarity Dashboard analyzes information stored in BeyondInsight's centralized database, which contains data gathered from across any or all BeyondInsight-supported solutions deployed in the customer environment. These include:

  • Endpoint Privilege Management
  • Privilege Management for Unix & Linux
  • BeyondTrust Discovery Scanner

Triggers

The following triggers identify assets that are at risk.

Trigger Description
Outlier

Can be triggered by events in the following products:

  • Endpoint Privilege Management
  • Privilege Management for Unix & Linux
  • Password Safe
  • BeyondTrust Discovery Scanner
  • Malware and attack data from other solutions
Untrusted Application

Endpoint Privilege Management events. Triggers in the following cases:

  • Application is unsigned
  • Application has no version information
Vulnerable Application Endpoint Privilege Management events
Asset Risk Exceeds Threshold

Can be triggered by events in the following products:

  • Endpoint Privilege Management
  • Privilege Management for Unix & Linux
  • Password Safe
  • BeyondTrust Discovery Scanner
  • • Malware and attack data from other solutions
Untrusted User
  • Endpoint Privilege Management
  • Privilege Management for Unix & Linux
  • BeyondTrust Discovery Scanner
First Application Launch
  • Endpoint Privilege Management
  • Privilege Management for Unix & Linux
  • User launches an application they have never launched before
First Password Release Request
  • Password Safe events
  • User requests password for an account and system they have never requested before
Unusual Password Release Request
  • Password Safe events
  • User does not retrieve the password for approved request or the password is retrieved more than once
Concurrent Password Release Request
  • Password Safe events
  • User tries to acquire more than one password at a time
Malware Detected
  • Malware is detected on an asset

The Triggers list displays the total number of events which are affected by each trigger. Click the Trigger link to list all of the events that make up the count. Event details include Asset, Triggers, User, Description.

Risk Events by Threat Level

Drill into the risk events to learn more about the event, such as the trigger, type of event, or severity.

Risk Events by Application

Bubbles represent aggregated threat events. The data is displayed in a quadrant layout:

  • The X axis indicates the average asset risk for each bubble.
  • The Y axis indicates the average threat level for each bubble.

The location of the bubble indicates the level of risk. The highest risk assets are displayed in the upper-right quadrant. Bubbles can be arranged by the following:

  • Asset: Displays a bubble for each of the most active assets.
  • User Displays a bubble for each of the most active users.
  • Application: Displays a bubble for each high level threat data source application.

Drill into a bubble to learn more information, such as the event type or severity.

The system restricts the number of bubbles for legibility.

Use the Tab key to navigate through the areas on the page and to view the metrics on the bubbles.