Your Visual Assessment and Threat Prioritization Dashboard

The Uptycs EDR Dashboard offers an efficient look at important segments of your fleet. Quickly zero in on Macs, Linux or any other custom attribute for a visual health check, and to:

  • View suspicious activity collectively at the asset level for more complete threat context 
  • Drill down into the activity of a specific asset for instant investigation
  • Observe volume of active machines and compare to "normal" behavior
  • See your asset locations on a map to spot suspicious movement

Visibility for macOS

Your Mac EDR Dashboard is just a click away. Use out-of-the-box tags like operating system, or customize tags based on your system view needs. It's a fast way to zero in on a subset of your fleet for a proactive health check or to determine what assets may need prioritized attention. 

More Complete Threat Context

One-off alerts alone can produce an overwhelming amount of noise. The Uptycs EDR Dashboard provides more complete threat context, showing only assets where more than one of these suspicious behaviors is active: bad IP access, critical file change, location change, suspicious login, network traffic, OS X vulnerability and suspicious software.

Investigation and Alert Handling

Click to investigate assets that have more than one suspicious activity. A recent activity timeline and alert detail list help you quickly assess whether collective activity is benign or requires immediate attention. Collaborate across the team by adding notations, updating statuses or assigning alerts right from the dashboard.

Helpful Visual Checkpoints

Gain at-a-glance insights on your currently active assets as well as a historical view of “normal” behavior for comparison. Spot the physical location of your assets around the world on a map and location list view for fast identification of suspicious location changes.

Uptycs + osquery

In 2014, a true disruption began with Facebook's osquery -- a universal, open-source, endpoint agent able to extract data from any singular source and make it available as a virtual SQL database. 

Uptycs ingests endpoint data via osquery, offering full fleet monitoring at scale. We continuously apply 1000s of custom SQL queries and monitor endpoint state against threat and IOC sources, transforming noise into actionable security protocols for your entire cloud infrastructure.