The Security Dashboard in the Armor Management Portal (AMP) displays the various statuses of your virtual machines:
- Green indicates a virtual machine in a Secured status.
- Yellow indicates a virtual machine in a Warning status.
- Red indicates a virtual machine in a Critical status.
The overall status of your virtual machine is based on the individual status of your virtual machine's subcomponents. Your virtual machine contains three subcomponents:
- Malware Protection
Armor reviews the status of your three subcomponents and labels your virtual machine based on the status of your most critical subcomponent.
For example, if Malware Protection and FIM are both in a Secured status, but Patching is in a Critical status, then overall, your virtual machine is labeled as Critical.
In another example, if Malware Protection is in a Critical status, FIM is in a Warning status, and Patching is in a Secured status, then overall, your virtual machine is labeled as Critical.
Troubleshoot Malware Protection
To fully use this screen, you must add the following permission to your account:
You can use the Health Overview screen to see the overall health status of your virtual machines.
The top of the Health Overview screen contains four types of information, displayed in various widgets.
Overall Health Score
This widget displays an average of the Protection, Detection, and Response scores.
Scores in the security dashboards are calculated and updated every night at 2:00 AM UTC.
This score is based on the stability of the Armor agent and any corresponding subagents. For more information, see:
This score is based on the incoming activity (log activity) of the Armor agent and any corresponding subagents. For more information, see:
This score is based on the response time for a support ticket between you and Armor. For more information, see:
This widget displays the number of open or pending support tickets that are considered highly important, security-focused incidents, known as Critical Incidents.
Internally, when Armor Support reviews a support ticket, a support personnel can label the ticket as a Security Incident. These tickets will be given a severity rating (low, medium, high, critical), and then displayed in the Security Incidentsscreen. A Security Incident with a Critical status is also known as a CriticalIncident.
In the Security Incidents screen, you will only see an incident if you are listed as a recipient on the support ticket or if you opened the support ticket.
Armor Support, you, or someone on your account can open a support ticket that can eventually evolve into an incident.
To learn more about the Security Incident screen, see:
Under Security Alerts Needing Attention, you can click a specific incident, and then you will be redirected to the Security Incident screen with the table already filtered.
Logs Parsed (Past 24h)
This widget displays the number of logs that Armor has received and analyzed in the past 24 hours.
This widget only applies to Armor Anywhere users.
This widget displays the number of detected vulnerabilities, based on the information from the weekly vulnerabilities report.
A vulnerability scan takes place every Sunday at 10:00 PM, local server time. After a scan is complete, the corresponding report is added to the Vulnerability Scanning screen of the Armor Management Portal (AMP). Additionally, this widget is updated based on the scan.
To learn about the Vulnerability Scanning screen, see Vulnerability Scanning (Armor Anywhere).
Review API Calls
|Content by Label|
Was this helpful?