Dashboard

the flare dashboard provides you with various metrics and charts that help you understand your organization's exposure based on the data available within flare it focuses on delivering actionable metrics to enhance operational efficiency there are two tabs within the dashboard overview gives you an operational and strategic overview of your exposure, while the insights tab gives you detailed insights into certain specifics of your exposure most of the information found in the overview is also available when creating reports https //docs flare io/reports there are four sections to the overview tab unresolved events docid\ oivaaeyciqc0ipllii hx this view caters to frontline security professionals, providing a snapshot of the most pressing events on the attack surface event trends docid bwfie xygjdzeiw9lvtt this section helps you understand your exposure growth over time and how your actions in flare and keeping on top of it event explorer docid\ j6ubphavtgvwuiuaow vi you can filter these charts by category, severity, and timeframe, making them especially valuable to security and executive leadership they provide insight into long term trends and how efficiently issues are being resolved identifier trends docid\ upp4g3k9z0la5kxcu xd as businesses grow, their attack surfaces—and identifiers—expand accordingly this view appeals to both security teams and executive leadership additionally, it offers value to mssp partners by showing how identifiers are being leveraged by end customers below you can find more information about what can explain an increase in events? and details about how the dashboard works , which may explain any unexpected inconsistencies in the data what can explain an increase in events? the following is a list of variables that may contribute to increased events within your tenant adding new identifiers creating new identifiers may potentially increase the number of events in flare, due to the amount of additional identifiers discovered learn more how identifiers work at flare here https //docs flare io/identifiers non optimized identifiers similarly, identifiers that are too broad in scope, or a lack of ignored terms may also increase the number of events learn more configuring your identifiers here https //docs flare io/configure identifiers a stealer log leak stealer logs often have large ripple effects, which have a tendency of creating a large number of corresponding events learn more leaked credentials here https //docs flare io/leaked credentials critical events similar to stealer logs, having at least one critical event will likely drive a large number of events to monitor learn more severity scoring here https //docs flare io/understand event severity adding new data sources additional data sources added to your tenant may result in an increase of events learn more about our data sources here https //docs flare io/data sources company growth increased visibility may increase the number of threat actors that are targeting you, which in turn can drive an increase of events reach out to your customer service representative for additional information on event growth within flare troubleshooting any unexpected inconsistencies in the data provided by flare may be due to one of the following factors event counts the event count is counted from the last day within the timeframe you have selected for example, if you’re looking at monthly data, flare will count the total number of events that flare discovered for each month on the last day of that month if you add or delete identifiers within that same month, this difference will not be taken into account at the monthly level, but may be visible in the weekly or daily charts data refreshes dashboard data is updated daily and is not 'live' if you perform a change to your events, such as remeditation, you will not see the numbers update in the dashboard until the following day the event feeds are updated much more frequently, which may result in some minor differences in the data it also means that if identifiers were created or deleted within the last 24 hours, they will not be taken into account until the following refresh date filters the charts are based on the matched at timestamp for events this is different from the estimated created at timestamp, which is the date by which we sort the events in the events https //docs flare io/events feed this means you are likely to see a disparity in the number of events when you are filtering by a certain timeframe on the dashboard, as compared to the events feed you can learn more about our dates here deletion of identifiers event counts in charts are impacted by the deletion of identifiers if you’ve exported data from the dashboard in the past, the numbers may change based on these deletions, which would therefore impact the number of events reported for a given range