Reports module: Available reports reference guide
Overview
The Reports Module provides a unified, comprehensive view of your managed Organizations. It spans executive‑level insights, operational metrics, and detailed configuration audits. This guide outlines each available report, its purpose, and relevant integrations.
Reports are grouped into three categories:
-
Executive reports: High-level visibility into security posture, risk, and exposure.
-
Operational reports: Daily metrics for billing, alerts, and application usage.
-
Configuration reports: Granular visibility into account states, settings, and device mappings.
1. Executive reports
These reports are designed to provide high-level visibility into the security posture and external exposure of an organization.
| Report title | Description | Integration/tags |
|---|---|---|
| Account Detail | Lists all events associated with a specific account for the specified time duration. |
|
| Externally Shared Files |
Lists all "External File Share" events per organization for the specified time duration. |
|
| File Share Events | Lists all File Share events per organization for the specified time duration. |
|
| Organization Vulnerability Assessment | Compares an organization against benchmarks (Microsoft Secure Score, Fortify Snapshot, or Fortify Template). It highlights outstanding actions to further secure the organization based on licensing. |
Microsoft, Fortify |
| Respond Rule Trigger Report | Lists all Respond Rule Trigger events per organization for the specified time duration. |
Microsoft |
| SaaS Cyber Assessment |
A graphical report highlighting high-priority events that have occurred per organization for the specified time duration. |
|
| SaaS Risk Report |
A map view displaying Total Risk Events and Total File Share Events per organization for the specified time duration. |
|
| Threat Mitigation |
Compares progress against benchmarks (Microsoft Secure Score, Fortify Snapshot/Template) to show completed improvements. Includes info on continual risk events and triggered Respond Rules to demonstrate ongoing security work. |
Microsoft, Fortify |
2. Operational reports
Operational reports support daily management of alerts, applications, PSA integrations, and billing‑related insights.
| Report title | Description | Notes |
|---|---|---|
| Billing Details | Partner Specific: Shows Total Organizations, Total Accounts, Total Billable Accounts, and billing cycle details for a specified date. Allows drill-down into specific organizations. |
|
| Critical Alerts |
Lists all Critical Alerts per organization for the specified time duration. |
|
| Medium Alerts | Lists all Medium Alerts per organization for the specified time duration. |
|
| Low Alerts | Lists all Low Alerts per organization for the specified time duration. |
|
| Enterprise Applications Details | Lists all events where OAuth was used for another application per organization for the specified time duration. |
|
| Foreign Applications Details (Shadow IT) |
Provides graphical and table representations of which users are allowing Foreign Application access (and identifies those applications) per Organization. |
Shadow IT |
| PSA Account Sync Report |
Partner Specific: Shows the list of billable account sync activity for PSA connections. |
|
| PSA Organization Mapping Report |
Partner Specific: Shows the list of Organization mapping and status information for PSA connections. |
|
|
Stale Devices Report |
Lists devices per organization that have not been logged in to in over 90 days. |
|
3. Configuration reports
These reports provide granular details regarding specific configurations, rules, and device states.
| Report title | Description | Integration/Tags |
|---|---|---|
| Account List | Lists all accounts per organization, including their billing status, login status, and last activity. |
Microsoft |
| Account Mailbox Forwarding Rule Report |
Lists all mailbox forwarding rules per organization, grouped by account. Includes rule names and details. |
Microsoft |
| Device Mapping Lists | Graphical representation of which devices per organization are currently mapped, unmapped, ignored, or shared according to the Unify configuration. |
Unify |
| Fortify Actions Audit Report | Lists all actions that have had a status change in Fortify per organization for the specified time duration. |
Microsoft, Fortify |
| MFA Settings Report | Lists all accounts per organization indicating if MFA is enabled/enforced, admin status, and additional security measures. |
Microsoft, Google Workspace |
Summary
The Reports Module delivers actionable data across all aspects of security, operations, and configuration. By using the right reports at the right time—executive, operational, or configuration—partners and analysts can effectively monitor security posture, track performance, and validate organizational settings.
