Skip to main content

Risks Overview

The Risks Overview page centralizes management of datasets, policies, and the events they generate, giving you a quick readout of dataflows across the organization.

Risk Overview

Key Features

  • Left pane (Search by Source): Lists customer-defined datasets, organized by sensitivity, with counts showing how many policies matched each dataset. Selecting a dataset will apply a filter to the page to show matches against that dataset and the available policies.

    Using the search by source option allows the user to manually select characteristics to filter the page, this will hide the datasets options and show the resultant matches against any policy configured or those that match no policy in the "unmatched" option.

  • Center map (Dataflow): Visualizes observed data movement that matched defined policies.

  • Policies: Each policy appears as a bubble indicating the number of matching events. Beside the policy name there are indicators of the options associated with the policy. The available icons are


    NameIcon
    Block
    Warn
    Monitor
    Let Linea Decide
    Always Create Incident
    Email
    Screen Capture
    Exclusions
    Disabled

  • Severity: Bubble color represents the policy’s severity level.

  • Unmatched events: Events that matched a dataset but not a policy show as “Unmatched” with a grey bubble.

  • Right pane (Search by Destination): Displays record counts for locations, sources, destinations, and users involved in matching events.

  • Locations Filter: Allows filtering by locations based on groupings available from the platform. This panel provides an option to filter on either source or destination or both by selecting the option at the top, then by opening the facets of the filter you can find the pre-populated options for filtering down to specific elements like a website or an endpoint application.

  • User Filter: This allows filtering by specific user names found in events this could be an endpoint username or a mapped username associated with users imported from a directory integration.

  • Time range: Defaults to the last 7 days; adjust the range via the date picker. Cyberhaven retains 90 days of data by default, with extended retention available by license.