Skip to content

Weekly summary report

You can get an overview report each week.

The report gives you a summary of the health and status of your cloud assets monitored by Sophos Cloud Optix.

The report is sent automatically every Monday and contains data from the previous seven days. It also has the latest release notes.

By default, the report is emailed as a PDF attachment to the first registered user on your Sophos Cloud Optix account. Any user with the Super Admin or Admin role can appoint other users to receive the report.

To change the users who receive the report, go to Reports > Weekly Overview and click Configure email recipients.

The report contains the following information.

New Alerts

A summary of new or updated alerts that Sophos Cloud Optix generated.

Recent Anomaly Alerts

The five most recent alerts, listed in severity order. The report doesn't contain this section if Sophos Cloud Optix generated no new anomaly reports in the last seven days.

Cloud Environments

The current number of cloud environments registered on the Cloud Optix account, for each type (AWS, Azure, GCP, Kubernetes, Docker Hub, IaC).

Cloud Assets

The current number of cloud assets on the account that count towards licensing. See Licensing.

Console Activity

This lists the following information for the last seven days:

  • The number of users registered in your Sophos Cloud Optix account.
  • The number of sessions in Sophos Cloud Optix.
  • The number of changes to integration settings (for example Jira, Slack).
  • The number of alert suppressions.
  • The number of changes to compliance policies.


A high-level summary of the current security situation across all cloud environments, from each environment's most recent security scan, for all active compliance policies combined.

You can see detailed scan results for each policy and environment in Reports in Sophos Cloud Optix.

Activity Logs

The number of events from activity logs (for example AWS CloudTrail logs) that Sophos Cloud Optix considers potentially high-risk.

Events are considered high risk when an IAM user or role has performed an action that it hasn't performed before or recently.

Security Groups

The total number of unused security groups, and the total number of security groups, across all environments.

You can remove unused security groups to reduce risk.


This section shows the total number of AWS IAM users, roles, and groups. It shows the number of users, roles, and groups that may have greater privileges than they need.

We recommend you review permissions for these entities to reduce your security risk.

Spend Monitoring

The total spent in the previous week across all environments, and the percentage change from the week before.

It also lists the five services that contributed most to spending in the previous week.