2. Reporting

📖 Overview

The Reporting module provides structured, exportable security summaries based on email threat data collected across a specified date range. These reports help administrators and SOC analysts gain insight into:

  • Phishing and spam trends

  • Targeted users

  • Source domains and email addresses

  • Most attacked countries

  • Content policy violations

🛡️ With one click, you can generate a full overview of the email threat landscape across your organization.

🧾 Report Generation

At the top of the interface, select a Start Date and End Date, then click Generate Report to produce a new log-based analysis for that timeframe.

Each generated report includes:

  • Date Range

  • Threat Score (letter grade: A to F)

  • Creation Timestamp

  • View Button to access full details

📁 Reports are securely stored and viewable anytime within the panel.

📈 What the Report Includes

🌍 Most Attacked Country Statistics

  • Heatmap and table showing where detected threats originate

  • Helps identify geographic targeting trends

  • Supports regional threat intelligence decisions

📬 Targeted Recipients

  • Email addresses most frequently attacked

    • Indicates users at high risk of phishing or impersonation

  • Users receiving the most spam

    • Reveals inboxes under heavy unsolicited email load

✉️ Threat Sources

  • Top attack-sending email addresses

    • Identifies malicious or spoofed senders

  • Phishing email sender domains

    • Domains used to trick users into entering sensitive data

  • Spam sender domains

    • Domains responsible for the most unwanted or abusive email content

📌 These can be quickly added to blocklists from within the platform for immediate mitigation.

📊 System Summary Chart

  • Pie chart visualization of total detected threats, by type:

    • Phishing

    • Spam

    • Content Filter Violations

  • Helps prioritize focus areas for remediation and education efforts.

📄 Content Filter Summary

  • Displays most frequently blocked words from emails

  • Useful for tuning keyword-based content filters (e.g., blocklist for sales, adult terms, scams)

Example:

Blocked Word
Detection Count

discount

1

📋 Use Cases

Goal
Reporting Benefit

Prove security value to stakeholders

Share monthly threat summaries

Identify vulnerable inboxes

Focus user awareness training

Track threat evolution

Compare report scores over time

Export for compliance or audits

Archive PDF or CSV versions

Feed data to SIEM or SOC

Export structured intel from reports

⚙️ Best Practices

  • Generate reports on a weekly or monthly basis

  • Track score trends to evaluate improvements

  • Block repeat sources found in multiple reports

  • Cross-reference targeted users with login activity or incidents

🎯 The Reporting module transforms raw email security data into actionable intelligence — making it easier to detect, prove, and respond to threats across your organization.

Previous1. SEG DashboardNext3. Analyzed

Last updated