feature advisor

EDAMAME Dev edited this page Feb 4, 2026 · 11 revisions

Security Advisor


Feature: advisor

🔐 Security Advisor

Overview

The Advisor is your central security command center. At the top, a banner displays your Security Score as stars alongside a summary like 'Critical: 34 security issues need attention'. Five colorful category cards (Policies, Threats, Network, Identity breaches, Traffic) show todo counts with distinctive icons. The Recommendations section below lists all actionable items with priority badges (High/Medium/Low) and type filters. Filter by priority to tackle the most critical issues first, or by type to focus on specific categories. Clicking any recommendation opens a detail pane with full context and action buttons. The Advisor aggregates threats from system security, network anomalies, identity breaches, policy violations, and suspicious traffic into a single actionable dashboard.

⚙️ Sub-Features

1. 🔧 Dashboard – Real-Time Security Overview

Description: The Advisor dashboard opens with a prominent header showing your Security Score as a star rating (e.g., 3.0 stars) alongside a 'Security Advisor' banner that displays the total count of issues needing attention (e.g., 'Critical: 34 security issues need attention'). Below, five colorful summary cards display todo counts for each category: Policies (pink), Threats (orange warning triangle), Network (purple wifi icon), Identity breaches (fingerprint icon), and Traffic (connection icon). Click any card to filter the recommendations below. The 'Recommendations/Advices' section shows a scrollable list of action items, each with a colored priority badge (High in red, Medium in yellow, Low in green) and a type tag. Filter by priority to focus on the most critical items first, or by type to see specific categories like network sessions or identity breaches.


[Screenshot: Dashboard – Real-Time Security Overview, multi-pane layout showing list and detail views]


📝 UI Elements & Data

  • Security Score – Risk Assessment at a Glance

    • A continuously updated score (0-5 stars) summarizing your overall device security risk. Factors in live threat data, policy compliance, network exposure, and system configuration. The score uses the EDAMAME threat model with category-specific weightings for Network, System Integrity, Services, Applications, and Credentials.
  • Action Items – Tasks Remaining

    • Shows how many security tasks remain to improve your score. Each todo represents a specific action—remediate a threat, review a network anomaly, address a credential breach, or fix a policy violation. Click any item to see detailed guidance.
  • Active Threats – Issues Requiring Attention

    • Real-time count of unresolved threats categorized by severity (Critical, High, Medium, Low). Each threat maps to industry frameworks like CIS Benchmarks, SOC 2, and ISO 27001. Click to navigate directly to the threat details.
  • Non-Compliant Policies

    • Quick list of organizational policies your device currently fails to meet. Policies are defined by your organization via EDAMAME Hub and can include minimum score thresholds, required security checks, and compliance tags.
  • Network Devices – Open Ports Detected

    • Highlights devices on your local network exposing services that may require hardening. Includes CVE vulnerability lookup for discovered ports and services. Click to view detailed device information.
  • Identity Breaches – Credential Leaks

    • Displays the number of data breaches affecting your monitored email addresses (via HaveIBeenPwned.com integration). Shows breach severity based on exposed data types—passwords, tokens, personal information.
  • Suspicious Sessions – Network Anomalies

    • Counts network sessions flagged as suspicious or anomalous by the ML-based Extended Isolation Forest algorithm. Includes sessions matching blacklist rules. Desktop only—requires traffic capture enabled.

2. 🔧 Recommendations – Prioritized Action Steps

Description: The Recommendations/Advices section (scrollable list below the dashboard) shows all actionable security items. Each card displays: a category icon (fingerprint for Identity breaches, traffic icon for suspicious sessions, shield for threats), type badge (colored label like 'Traffic', 'Identity breaches'), priority badge ('High' in red, 'Medium' in yellow, 'Low' in green), action description (e.g., 'Review suspicious network sessions and mark as safe if legitimate', 'Data breach detected for your email - review details and mark as handled if you've changed passwords'), source details (domain, email, or device), and timestamp. Click any card to open a detail pane on the right showing full context - for traffic sessions: process name, path, memory usage, session count, destination details with port/service, source IP, and action buttons ('Mark process as safe', 'Close'). The multi-pane layout lets you review details without losing your place in the list.


[Screenshot: Recommendations – Prioritized Action Steps]


This page was automatically generated from feature definitions.
