On the EDR monthly report, what does "non-remediated detections" count?
A task in this case is 'executive report' : which will perform following data collection.
1) given time period (1 month), collect all open state incident
2) each day, each incident, find a number of endpoint to be associated with the incident.
ex) we have three open state incidents 1000, 1001, 1002 at date X
1000: associate with endpoint A
1001: associate with endpoint A and B
1002: associate with endpoint C, D, and E
Then the date 'X': has 5 endpoints in total (A, B, C, D and E)
3) check if endpoint is managed by SEP Agent by checking SEPM collected data/mapping, then count up
ex) Endpoint A, B, C, D is found with SEP installation unique data => managed
Endpoint E is found without SEP installation unique data => unmanaged
managed: 4. unmanaged:1
4) repeat 2) and 3) for all given time period (1 month) once per day
5) generate PDF with information:
'Count of non-remediated detections on unmanaged endpoints => sum of unmanaged endpoint count
'Count of non-remediated detections on managed endpoints => sum of managed endpoint count
There is a chart shown at above of context. it shows actual distribution of endpoint number per day.
In char pane, 'infected endpoints' are same as endpoints which is associated with open state incident at a time of given date.