Login
    Contenu x
    Threat exposure monitoring: conceptual overview
    • 27 Jun 2025
    • 3 Minutes à lire
    • Impression
    • Sombre
      Lumière
    • PDF
    Contenu

    Threat exposure monitoring: conceptual overview

    • Mis à jour le 27 Jun 2025
    • 3 Minutes à lire
    • Impression
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    To monitor your threat exposure, Threat View captures endpoint device information with its client-side engines from mobile devices. The client-side engines communicate this information to a server-side component, and the collected information is then structured into events.

    For information about data collection and GDPR compliance, see GDPR Compliance.

    Essentially, Threat View monitors the threat exposure on two levels: device demographics and threat event types. For more detailed information, see Monitored data.

    Device demographics

    Threat View collects data on different device-related parameters:

    • Total number of events for each major or minor operating system version

    • Total number of unique device fingerprints for each major or minor operating system version

    • Percentage of events compared to total number of events for major and minor operating system versions

    • Number of events per country

    The major and minor operating system versions are collected and written to the Threat View databases. The charts in the different widgets are based on all versions for the given operating system.

    Threat event type

    To learn about real-time threats happening within the app, Threat View creates reports focusing on different data. With this you can analyze, for instance, if there is an increase or decrease for injection attacks, or if threat exposure fluctuates during the day, or if there are more or less attacks on a given device model and operating system.

    Threat View creates one report per threat event type and correlates it with other parameters such as device demographics.

    For a list of monitored threat event types, see Types of monitored threats.

    To visualize the analyses for the selected threat event type, Threat View displays widgets with the created charts that focus on different aspects:

    • Analysis for a specific day, week, month, or year with

      • Total number of events for a specific threat event type across all operating systems and devices, e.g. total number of rooted/jailbroken events

      • Percentage of all events of a specific threat event type (based on previous two results), e.g. percentage of all rooted/jailbroken events

      • Percentage of events for a specific threat event type for the monitored operating systems

        This is similar to the corresponding device demographic report but focuses on the percentage of events for the selected threat type, instead of the total number.

      • 10 device models with the most events during a given period of time

    • Analysis for a specific day or month with the relative amount of events for a specific threat type per hour/day

      • Total number of events between e.g. 8:00 am and 9:00 am/on a given day and check percentage of events for the selected threat type

    • World map showing total number of events per country

      This can be broken down on detected threats for each App Shielding version.

    Threat View also correlates different parameters by combining threat event type properties, location, time, and/or device demographics, and displays these correlations. Such a correlation of parameters allows a more in-depth analysis, for instance, if certain device models introduce a higher threat risk than others. Other examples are to check if there is a correlation between a given operating system and the percentage of rooted/jailbroken devices, or if there is a correlation between time and rooted/jailbroken devices.

    With its dashboard and the threat event reports, Threat View visualizes the threat event types and correlations, and provides you insights to analyze threat exposure. For instance, you can learn more about exposure to rooted devices:

    • For a specific time period

      • Total amount of events with rooted devices across all device demographics

      • Total amount of events with rooted devices by operating system

      • Percentage of unique device fingerprints by operating system

      • Event trends during a given time period by operating system

      • Event trends as percentage of the total number events during a given time period

      • Ranking of device models that are most vulnerable to rooting as a threat event type

    • For a specific country

      • Total number of events with rooted devices per country.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle