The Nebula Security Advisor on the Dashboard page is available with Endpoint Protection and Endpoint Detection and Response subscriptions. It provides a comprehensive health score that assesses the quality of your Nebula implementation. A low security score might suggest that recommended console settings are disabled. Use the Security Advisor to understand your security status and get actionable improvement tips.
Security score
Your security score is calculated in real-time based on the configuration of your Nebula environment or after a task is completed on an endpoint, such as an endpoint requiring a scan. Personalized tips are provided in the Issues section of the Security Advisor page to help improve your security score.
Factors outside of your subscription do not impact your score as these are scores for paid modules that you do not currently own, which may include DNS Filtering, or Vulnerability & Patch. The factors that apply to all accounts include, policies, detection scans, and endpoint status.
Refer to the table below for more information on each factor.
| Factors | Recommendation |
|---|---|
| Policies: Policies control the protection settings and are assigned to groups of endpoints. |
Enable the following settings in your policies:
|
| Detection scan: Scheduled detection scans ensure that your endpoints are repeatedly checked for threats. |
Run daily Detection scans with the following options for all groups of endpoints:
|
| Endpoint status: Endpoints with an endpoint status indicate action is required on the endpoint. |
Clear the following endpoint statuses:
|
| Browser Phishing Protection: The Browser Phishing Protection browser extension further protects endpoints from browser-related threats. | Enable and configure the Browser Phishing Protection policy setting on all endpoints. |
| DNS Filtering: The DNS Filtering module allows you to block access to known suspicious web domains to secure productivity and collaboration. | Enable all 11 security categories in your DNS rules, and by applying your DNS rules to all endpoints based on their Nebula policy with the DNS Filtering module. |
| Vulnerability & Patch: The Vulnerability & Patch Management module allows you to monitor threat exposure on your endpoints by identifying software vulnerabilities and patch endpoints by updating software and installing operating system patches. |
Perform the following actions with the Vulnerability & Patch Management module:
|
| Endpoint Detection and Response (EDR): EDR offers advanced threat hunting, reliable isolation, remediation, and response capabilities to cybersecurity attacks. |
Remediate any detected suspicious activity and enable the following EDR settings in your policies:
|
| Windows Firewall Management: Allows admins to centrally manage the firewall rules and policies of their endpoints from a single console. | Enable a firewall policy on all endpoints. |
| Email Security: Safeguard your inbox from spam, phishing attempts, and a wide range of other email-related threats by utilizing Email Security. This helps maintain the integrity of email communications and protects sensitive information from being compromised. |
Utilize the security features of Email Security:
|
For more information on how each score is calculated, click Understand scoring on the Security Advisor page.
Scoring ranges
A score tier is provided based on the site's security score. Strive for a very good rating to keep the site safe. Refer to the table below to see which tier the score falls under:
| Percentage Range | Rating | Explanation |
|---|---|---|
| 91-100% | Very Good | Amazing! Continue maintaining the score. While your security rating is at its highest, no posture can prevent all risks of breach or vulnerability to threats. |
| 76-90% | Good | Great job! There are minor configuration gaps and a few factors that need attention to reach a better score. |
| 51-75% | Fair | There are notable configuration gaps and several factors that need attention to reduce security risk. Resolve the high-severity issues first. |
| 26-50% | Poor | There are significant gaps in your security posture, and multiple factors require immediate attention. Complete the recommended actions to improve your score. |
| 0-25% | Very Poor | This is a critical risk! Most security factors are poorly configured, and immediate action is required across all scoring factors. Start with the high-severity recommendations |
Recommended actions
The Security Advisor's Issues section offers personalized recommendations to promptly address security issues and boost your security score. Issues can be sorted by factor or severity. The severity levels are as follows:
- Low: Less than 1% security score impact
- Medium: Between 1% and 4% security score impact
- High: More than 4% security score impact
- Critical: Any endpoints with the Remediation Required endpoint status.
Click View next to each severity or factor to display a list of affected endpoints, issues, overall security score impact, and recommended actions. Tasks pending completion on the endpoint are listed as in progress.