Quick navigation
1. What is the CloudGuard Command Center?
2. Can I drill down into my score to understand what’s driving it?
3. How does the Command Center handle alerts and tickets?
5. What is ANSEL and how does it help me?
6. How does the Command Center reduce alert fatigue?
7. What reporting features are available?
8. Can I customise the Command Center?
9. Does the Command Center work on mobile devices?
10. How does the Command Center help with cost transparency?
The CloudGuard Command Center is your unified dashboard for PROTECT & PROTECT+ customers. It provides all the key widgets and insights you need at a glance, including overall security score, ticket status, automation impact and event triage. It’s designed so you never need to log into Microsoft Sentinel or Jira to understand your security posture.
Yes. Clicking on the score lets you see the underlying factors. If the score drops, you’ll be able to identify exactly which issues or tickets contributed and take action directly.
All tickets from Jira are automatically pulled into the Command Center. They are displayed by severity and can be filtered (e.g., highs, mediums, lows). You can click into any ticket to see details, add comments, and update Jira directly from within the Command Center, no need to log into Jira separately.
The triage feed is your real-time “to-do list.”
• It shows events requiring your attention, prioritised automatically.
• It updates live, with notifications and alerts for new tickets.
• You can manage and close tickets directly from this feed.
ANSEL is CloudGuard’s virtual SOC analyst. It:
• Resolves and enriches alerts automatically
• Suggests customer actions where needed
• Executes remediation steps on your behalf
The Command Center shows the percentage of tickets resolved by ANSEL vs human intervention, and how many days of effort have been saved through automation.
The system filters thousands of noisy alerts down to a manageable few. For example, 8,000 raw events might be condensed into just 10 actionable true positives. This means you only see what matters, no overwhelming noise, just critical insights.
You can generate reports directly from the Command Center. Reports include:
• A snapshot of your key widgets (scores, automation impact, etc.)
• A detailed list of tickets (e.g., all high-severity tickets in a timeframe)
• Reports are exported as PDFs that can be used for board-level or executive updates.
• The time period is customisable so you can pick the dates that suit you best
Yes. You can create workspaces tailored to your role or needs. For example:
• A CISO might only track security score, automation impact, and high-severity alerts.
• An IT analyst might want detailed connector data and triage feeds.
Widgets can be resized, rearranged, and saved into custom views. Reports and downloads can then be generated from these custom views.
Yes. The interface is fully responsive, adapting to tablet and mobile screens. Widgets reorganise to fit smaller displays while keeping information accessible.
The Command Center shows the volume of data ingestion in Sentinel per log source. This allows you to easily identify log sources with a high ingestion volume and therefore a higher cost associated with that log table. You can then raise these ingestions with CloudGuard for proactive cost optimisation and tuning where necessary.
Yes. You can log new service requests, incident response tickets, or support queries directly from within the Command Center. These go into CloudGuard’s service desk without needing to email or phone.
Planned features include:
• More widgets added each quarter based on customer feedback
• Connector-level drill downs, showing which analytical rules triggered events
• AI-driven summaries in reports
• Chat integration with your Customer Success Manager directly in the portal
Still have a question?
Drop us a message and our team will get back to you as soon as possible.