Skip to content

Overview

The Overview module is the first screen you see when you log in to the SenseOn platform. It gives your security team an at-a-glance summary of the current threat landscape across your environment and acts as the starting point for daily triage.

What the Overview Shows

The Overview surfaces the most important information from the last 24 hours (configurable) without requiring you to run queries or navigate to individual modules:

  • Active cases — count of open cases grouped by severity (Critical, High, Medium, Low)
  • New observations — volume of security observations received from endpoints and network sensors
  • Device health — proportion of enrolled devices that are online and reporting
  • Top detections — the detection types appearing most frequently across your estate
  • Case backlog — cases awaiting triage or analyst assignment

Alert Triage Workflow

The Overview is designed to support a structured triage process at the start of each shift or working day:

  1. Review critical and high-severity cases — these are surfaced at the top and require the most immediate attention.
  2. Dismiss noise — low-confidence observations can be acknowledged in bulk from the Overview without opening each case individually.
  3. Assign cases — cases can be assigned to individual analysts or teams directly from the Overview panel.
  4. Navigate to Investigate — click any case to open the full investigation workspace, where you can view evidence, timelines, and response options.

Metric Cards

Each metric card on the Overview page links to a filtered view of the relevant module. For example:

Card Destination
Critical cases Investigate, filtered to Critical
New observations Experience, showing today's observations
Offline devices Digital Estate, filtered to offline
Top detection Hunt Lab pre-populated with a query for that detection

Customising the Time Range

By default the Overview shows data for the past 24 hours. Use the time picker in the top-right corner to adjust the window. Changes apply to all cards on the page for the duration of your session.

Next Steps

  • To investigate a specific case, go to the Investigate module.
  • To browse raw observations and events, go to the Experience module.
  • To see a detailed breakdown of metrics over time, go to Dashboards.