Home
Vantage
Learn how Vantage uses the power and simplicity of SaaS to deliver unmatched security and visibility across your OT, IoT and IT networks.
User Guide
Information about the main features of Vantage and the tasks that you can do from the user interface (UI).
Alerts
The Alerts page shows all the alerts notifications that your sensors pass to Vantage related to security incidents in your network. This page lets you learn about the alerts, edit their values and post comments.
Detailed list
The Detailed list page shows all the alerts notifications that your sensors pass to Vantage related to security incidents in your network. This page lets you learn about the alerts, edit their values and post comments.
Details page
The details page shows a set of fields which are applicable to the related type of alerts.

Vantage
Learn how Vantage uses the power and simplicity of SaaS to deliver unmatched security and visibility across your OT, IoT and IT networks.
- Introduction
  An overview of Vantage.
- Administrator Guide
  Information about the Administration section of Vantage, and the tasks that you can do in this part of the software.
- User Guide
  Information about the main features of Vantage and the tasks that you can do from the user interface (UI).
  - Sensors
    The Sensors page lets you view all of the sensors that you have in your system.
  - Alerts
    The Alerts page shows all the alerts notifications that your sensors pass to Vantage related to security incidents in your network. This page lets you learn about the alerts, edit their values and post comments.
    - Overview
      The Overview page provides insights into security alerts, risk levels, and alert trends.
    - Detailed list
      The Detailed list page shows all the alerts notifications that your sensors pass to Vantage related to security incidents in your network. This page lets you learn about the alerts, edit their values and post comments.
      - Details page
        The details page shows a set of fields which are applicable to the related type of alerts.
      - Summary drawer
        When you double-click an alert in the table, the summary drawer shows. This lets you post a comment, or open the related details page.
      - Table interactions
  - Assets
    The Assets page shows all the physical components and systems that Vantage has detected through your sensors. Composed of one or more nodes, assets are the fundamental resources that Vantage protects.
  - Wireless
    The Wireless page lets you buy and connect a Guardian Air sensor. Once you have connected one or more Guardian Air sensor, the Wireless page show the connected Guardian Air sensors.
  - Queries
    The Queries page lets you write queries for your system. You can also save queries and assertions to be used again.
  - Vulnerabilities
    The Vulnerabilities page shows a list of all the vulnerabilities that Vantage has detected in your system. Vulnerabilities are weaknesses that reduce the security of your system and give threat actors an opportunity to exploit your system.
  - Vantage IQ
    Vantage IQ helps you navigate and explore your network. You can use smart query commands to leverage advanced machine learning and data analytic algorithms to dive deeper into your data.
  - Network
    The Network page shows a visual representation of your network and all its assets.
  - Graph
    Displays a visual map of your network, highlighting asset connections and communication paths. Users can switch between network and physical views to explore infrastructure relationships.
  - Process
    The Process page shows a list of processes in your environment. Processes are a set of repeatable functions that a business does to deliver a core value.
  - Dashboards
    The Dashboards page shows a list of all the dashboards that have been created.
  - Reports
    The Reports page shows all the reports that the sensors in your system have created.
  - Sites
    The Sites page shows all the geographical locations of the assets in your system. It lets you associate a site to one or more network domains. You can also add details such as the country or city of the site.
  - Workbooks
    The Workbooks page shows recommended courses of action that can improve your network security. Generated through machine learning, workbooks highlight the vulnerabilities currently creating the highest risk exposure.
  - Threat Intelligence
    The Threat Intelligence page shows an overview of all of the available threat cards and categories. It also lets you filter the threat cards to show only malware, threat actors, or vulnerabilities
  - Asset Risk
    The Asset Risk page provides an in-depth view of asset risk levels. This includes an overview, detailed analysis, and benchmark comparisons to help assess and manage risks effectively.
  - Smart Polling
    Smart Polling provides a centralized interface for creating, managing, and monitoring polling plans within your organization. It helps you streamline data collection and control monitoring activities from one location.
  - Async operations
    The Async operations page lets you keep track of tasks that are being executed in the background, and it shows their outcome once that they are completed.
  - What's new drawer
    The What's new drawer shows a list of new features, enhancements, and fixes for issues.
  - Administration
  - Profile settings
    The profile settings menu lets you edit your user settings and update your profile.
  - Organizations menu
    The organizations menu lets you search or show a list of all of your organizations, and lets you switch between them. Vantage provides a default organization, but administrators can add more organizations as necessary.
- Print format documentation
  A list of all the print-format documentation that is available for Vantage.

Details page

The details page shows a set of fields which are applicable to the related type of alerts.

Screenshot of a details page showing source and destination details, physical alert graph, geographic map view, and additional metadata including event type, trigger, and capture device — Figure 1. Details page

Actions dropdown

This dropdown gives you access to these actions:

Acknowledge
Unacknowledge
Close
Create Alert Rule for this Alert
Alert trace

Summary

The summary section shows:

What happened
The possible cause of the alert
The suggested solution for the alert

Actor details

The Actor details section shows information about the:

Source: Details about where the activity was initiated
Communication: The communication protocols detected
Destination: Details about the targeted asset

Physical alert graph

The Physical alert graph view displays the physical connection path between source and destination devices involved in a triggered alert. Vantage shows this path at the cable level, including intermediate switches and any other devices connected along the route.

This view helps users assess the potential impact of response actions, such as disabling a specific switch port to isolate a device. By identifying additional assets that share the same physical infrastructure, operators can evaluate containment strategies and take targeted action directly from the alert interface.

Map

A map view that shows both the source and the destination of the alert to show it in a real-world context.

Playbook

If applicable, a playbook will be created from a template that has been defined by an administrator. The template guides you on how to best respond to the alert. You can edit an alert's playbook to collaborate with your colleagues and record the progress in resolving the alert.

Additional details

This section gives more context about the reported activity. Vantage displays the relevant details for this specific type of alert, and other fields are marked n.a.

MITRE ATT&CK for ICS Techniques Detection

This section shows when Vantage is able to provide information about the technique and attack tactics as defined in the MITRE ATT&CK Framework.

Timeline of events

This section shows all events that are related to this alert.

Comments

This section lets you add, or read, comments about this alert.