Understanding Your Weekly Report
The Weekly Report includes the Devices Sending Telemetry that compares the number of active devices split by day and comparing count for the same day last week. This provides visualization to help determine if there’s a large number of devices that may have stopped communicating and sending telemetry data.
Case Activity
A detailed account of weekly cases will be displayed. Status includes In Progress indicating that the case is still being investigated, Resolved indicating that the case is now closed, and Action Required indicating that additional information is being requested before the case can be resolved. If action is required, please contact the MDR team as soon as possible.
The case metrics also has a break out of cases by type.
The Weekly Report highlights the number of detections for the week, broken out by day and compared to the previous week.
The Weekly Report also provides the total number of cases and escalations, and provides a breakdown of detections by integration source, classification type, and MITRE Techniques and Tactics.
An additional view shows the top 10 devices with the most detections.
Top and Bottom 5 Detections
This list topmost frequently seen and least frequently seen detections for the week date range of the report. It has the count for number of times it was seen.Action Required Status
Additional Sophos MDR Efforts have lists of the most recent response action taken and communications with your account contact(s).