5.6.5. Web UI `Overview` screen

After pressing the `Overview` buttons on the navigation bar, the `Overview` screen is displayed.

It includes the following items:

Item	Description
1	`Overview` screen : dashboard selector
2	`Overview` screen alerts list display area
3	`DETECTIONS BY ALERTE TACTICS` zone of the `Overview` screen
4	`DETECTIONS BY MITRE TACTICS` zone of the `Overview` screen
5	`ALERTS TYPE RISK RANKING` zone of the `Overview` screen

---

5.6.5.1. `Overview` screen : dashboard selector

The screen displays a set of:

• One button (4) to select the GCap(s) whose information is displayed

• One button (5) for the period for which the information is displayed

• Three buttons (1 to 3) to define the theme of the dashboards displayed on this page

Item	Name	Description
1	`ALERT RISK LEVEL`	Alert Risk Level. Defines `ALERTS` theme for dashboards
2	`ASSET RISK LEVEL`	Risk level of assets. Defines the `ASSET` theme for dashboards
3	`USER RISK LEVEL`	User Risk Level . Defines the `USER` theme for dashboards
4	GCAP selector	Selection of GCap
5	Time period selector	Selection of the display period

---

5.6.5.2. `Overview` screen alerts list display area

The display of the alerts is possible in 2 ways selectable by the button (4):

• Display `BUBBLE RISKS`

• Display `RISK MATRIX`

For the ALERTS theme, the `BUBBLE RISKS` display consists of:

Item	Description
1	Bubble zone. Each element (here an alert) is displayed as a bubble. Each item is numbered and corresponds to the list displayed next to it. By hovering over an element, a window gives additional information. - Number, not Alert - Risk: percentage level of risk - Alert counter - type of MITRE alerts
2	Alert number
3	Name of detected threat By hovering over an element, a window gives the same additional information. By clicking on the name, the system displays the `Alerts` screen for the selected threat for more information.
4	Display change button (bubbles/matrix)
5	Type field: type of risk (malware...)
6 and following	Each column indicates the category MITRE (`Execution`, `Persistence`, `Privilege Escalation`, `Defense Evasion`, `Lateral Movement`). Each point defines the threat category.

---

5.6.5.3. `DETECTIONS BY MITRE TACTICS` zone of the `Overview` screen

The system displays the distribution of risks between the following categories in a circular fashion:

Benchmark	Name	Description
1	`Lateral Movement`	Number of lateral movements
2	`Execution`	Number of threats executed
3	`Privilege Escalation`	Number of privilege escalation
4	`Defense Evasion`	Number of defensive escapes
5	`Persistence`	Number of persistent threats

Note

Depending on the threat, only the categories present are displayed.

---

5.6.5.3.1. MITRE Icons

In the MITRE column, the following icons can be displayed:

---

5.6.5.4. `DETECTIONS BY ALERTE TACTICS` zone of the `Overview` screen

The system displays a circular risk breakdown between the following categories:

Benchmark	Name	Description
1	`Powershell`	Number of powershells detected
2	`Malware`	Number of shellcodes detected
3	`IDS`	Number of malware detected
4	`shellcode`	Number of IDS detected

---

5.6.5.5. `ALERTS TYPE RISK RANKING` zone of the `Overview` screen

The system displays the risks:

• Grouped by type of alert

• Sorted by decreasing risk level

Each bar of the graph indicates the percentage of the risk and the type of alert.

Passing the cursor, the system displays:

• The type of alert

• The percentage of risk

• The number of alerts

By clicking on the bar, the system displays the information defined in the `Alerts` screen for the selected risk type.

In the example below, the window displays the following information:

ITEM	Name	Description
1	Percentage for this type of alert	Indicates the probability that this likely risk is real
2	Alert type	Alert type `Malware`, `IDS`, `shellcode`

---