Navigate to Threats > Overview to display threat intelligence incidents logged in your network.
With the buttons at the top of the content area, you can select the reporting period. In the panels at the top of this screen and under Logs Severities, the threat intelligence incidents logged in the selected reporting period are displayed by level of severity.
There are four levels of severity:
The other charts on this dashboard display the countries, assets, users, and internal IP addresses involved in the logged incidents. The IPS and MISP events detected by Threat Defender are also displayed.
From here, you can drill down into deeper reporting levels to further investigate any suspicious traffic.