: Threat Summary Report Overview
Focus
Focus

Threat Summary Report Overview

Table of Contents

Threat Summary Report Overview

The threat summary report is a rundown of artifacts that AutoFocus and WildFire associate with malware. You can find the threat summary report in the Reports section of the AutoFocus portal. When you View Threat Summary Report Details for the first time, the report for your support account displays with a default time range of 7 days and the industry you selected when you initially set up your AutoFocus support account.
Report Section
Description
Executive Summary
The Executive Summary consists of the following highlights:
  • Malware Applications—The unique number of applications through which malware was delivered. (Application is the App-ID™ matched to the type of application traffic detected in a session.)
  • Total Malware Sessions—The total number of sessions in which WildFire detected a sample with a verdict of malware.
  • Tagged Malware Sessions—Out of the total malware sessions, the percentage of sessions linked to samples that received at least 1 tag.
  • Tagged Malware Samples—The number of malware samples that received at least 1 tag.
Malware Session Percentage By Day
This chart provides:
  • A daily count of sessions associated with malware for devices in your support account.
  • The percentage of malware sessions out of the total number of sessions for devices in your support account.
  • The percentage of malware sessions out of the total number of sessions for all AutoFocus users in an industry.
  • A comparison of the average percentage of malware sessions seen with your account and the average percentage of malware sessions for the industry.
Samples Summary
This chart provides:
  • The number of samples grouped by WildFire verdict (malware, grayware, and benign).
  • The number of tagged malware samples versus untagged malware samples.
  • The percentage of malware samples.
  • The percentage of tagged malware samples.
Top Firewalls
The top 10 firewalls where WildFire detected the most number of malware sessions.
Top Upload Sources
The top 10 upload sources that submitted your samples to WildFire.
Top Filetypes Per Application
The number of malware sessions for the top 5 most frequently used applications for distributing malware. For each application, the malware sessions are broken down by filetype.
Top Applications
The 10 applications that distributed the most malware samples.
If there are applications in this list that have no legitimate business purpose in your organization, you may want to create a rule on your firewall blocking these applications.
Bottom Applications
The 10 applications that distributed the least malware samples.
Top Filetypes
The 10 filetypes most frequently associated with malware samples.
Bottom Filetypes
The 10 filetypes least frequently associated with malware samples
Top Malware Family Tags
The top 10 Unit 42 and private Malware Family tags that AutoFocus matched to your samples.
Top Campaign Tags
The top 10 Unit 42 and private Campaign tags that AutoFocus matched to your samples.
Top Malicious Behavior Tags
The top 10 Unit 42 and private Malicious Behavior tags that AutoFocus matched to your samples.
Threats by Source Country
A map of countries from which malware sessions originated (refer to list of Countries and Country Codes). The report highlights the country that sent the most number of malware sessions.
Threats by Destination Country
A map of countries that malware sessions targeted (refer to list of Countries and Country Codes). The report highlights the country that received the most number of malware sessions.