Regularly monitor the notes added to the Alert Events list for the high-level security alerts you’re tracking. This is an efficient way for team members to coordinate efforts and check on the status.

Review low-severity alerts on a daily basis. Select the ones that you find acceptable and resolve them all with a few simple clicks as explained in the previous section.

On a weekly or monthly basis, download all the alerts and all the resolved alerts. Use the data there to make a status report to show what your team has done.

In addition to reacting to alerts that already occurred, you can proactively address vulnerabilities before an attack takes place. On DashboardsSecurity Dashboard, check the Active Vulnerabilities to Date entry in the Risk panel.

Click Active Vulnerabilities to Date to open the Vulnerabilities Inventory page.

By default, the Device Security portal sorts vulnerabilities by severity, displaying the most severe vulnerabilities first. When you click a vulnerability name, the Vulnerability Details page for it opens. There you can see which devices are vulnerable so you can take steps to remove the vulnerability before it’s exploited in an attack.