Symantec Endpoint Security (SES) client at Risk due to Out-of-date definitions, and other reasons
Article ID: 279907

Products

Endpoint Security Complete

Issue/Introduction

In the ICDm console, you might see the following Device Security status:

At Risk:

  1. Out-of-date definitions.
  2. Disabled / malfunctioning (Detection and Response).
  3. Policy not current (Antimalware).
  4. Low disk space (Detection and Response).

Environment

Any Symantec Endpoint Protection (SEP) client in a cloud-managed environment.

Resolution

1. Out-of-date definitions issue:

Content is considered old or out-of-date if:
-  Antimalware content (virus definitions) is out-of-date after 7 days.
-  Low-bandwidth, Behavioral Analysis and other content is out-of-date after 30 days.

The administrator has to make sure that the SEP clients are up to date and can download LiveUpdate (LU) definitions.

As a result, make sure the URLs below can be pinged and reached with Telnet on port 443 from the affected machine.
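
The port 443 check can be scripted rather than run through Telnet one URL at a time. The following is an added example, not part of the original article and not a Symantec tool; the host names in `HOSTS` are placeholders to be replaced with the URLs from the vendor's list, and it tests TCP only (no ICMP ping).

```python
import socket

# Placeholders (assumption): replace with the host names from the vendor's URL list.
HOSTS = ["liveupdate-host.example.invalid", "cloud-host.example.invalid"]


def check_tcp(host, port=443, timeout=5.0):
    """Try a TCP connection, as `telnet host 443` would; return (status, detail)."""
    try:
        addrs = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        # Name does not resolve: a DNS problem, not a firewall or proxy block.
        return ("dns_failure", str(exc))
    result = ("unreachable", "no address could be tried")
    for family, socktype, proto, _name, sockaddr in addrs:
        try:
            with socket.socket(family, socktype, proto) as sock:
                sock.settimeout(timeout)
                sock.connect(sockaddr)
                return ("open", sockaddr[0])
        except socket.timeout:
            # No answer at all: typical of a firewall silently dropping packets.
            result = ("timeout", sockaddr[0])
        except ConnectionRefusedError:
            # Active rejection: nothing listening, or a device sent a reset.
            result = ("refused", sockaddr[0])
        except OSError as exc:
            result = ("unreachable", f"{sockaddr[0]}: {exc}")
    return result


def check_all(hosts, port=443, timeout=5.0):
    """Map each host to its (status, detail) tuple."""
    return {host: check_tcp(host, port, timeout) for host in hosts}


if __name__ == "__main__":
    for host, (status, detail) in check_all(HOSTS).items():
        print(f"{host:45} {status:12} {detail}")
```

A `dns_failure` or `timeout` result points at name resolution or a filtering device on the path, which is worth recording before opening a support ticket.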

NOTE: The feature and its content are assessed only when the latest opstate is received from the client.
If the device is offline and not connected to the cloud, the console reflects the last processed state.
So in scenarios where content definitions are older, they will not be assessed until the device comes back online and sends new opstate information to the SES cloud.

2. Disabled / malfunctioning (Detection and Response):
- Such an error can be temporary; however, if it lasts for a day in the console for a particular client, collect a SymDiag bundle from this client and open a ticket with technical services.

3. Policy not current (Antimalware):
- The administrator has to make sure that the Antimalware policy is updated in the ICDm console. Once this is correct, the warning should be eliminated.

4. Low disk space (Detection and Response):
- In the ICDm console, go to the device details where this warning exists and check the disk space remaining on the disks of this machine.
  If the disk space is low, correct the issue by cleaning up the disk, then check the ICDm warnings again after some time.

Additional Information