Skip to content

Understanding Your Weekly Report

The Weekly Report includes the Devices Sending Telemetry that compares the number of active devices split by day and comparing count for the same day last week. This provides visualization to help determine if there’s a large number of devices that may have stopped communicating and sending telemetry data.

Devices sending telemetry.

Case Activity

A detailed account of weekly cases will be displayed. Status includes In Progress indicating that the case is still being investigated, Resolved indicating that the case is now closed, and Action Required indicating that additional information is being requested before the case can be resolved. If action is required, please contact the MDR team as soon as possible.

The case metrics also has a break out of cases by type.

Weekly Case Activity.

The Weekly Report highlights the number of detections for the week, broken out by day and compared to the previous week.

Weekly Detections.

The Weekly Report also provides the total number of cases and escalations, and provides a breakdown of detections by integration source, classification type, and MITRE Techniques and Tactics.

Weekly report breakdown.

An additional view shows the top 10 devices with the most detections.

Top 10 devices.

Top and Bottom 5 Detections

This list topmost frequently seen and least frequently seen detections for the week date range of the report. It has the count for number of times it was seen.Action Required Status

Top and Bottom 5 Detections.

Additional Sophos MDR Efforts have lists of the most recent response action taken and communications with your account contact(s).

Recent response actions.

Recent communications.