# Exposure Widgets

{% hint style="info" %}
Most dashboard widgets will provide helpful information as to their purpose if you roll your mouse over the Information icon <img src="/files/eezZg8q1rDIeYDSpCPm9" alt="" data-size="line">.
{% endhint %}

## Identify Exposed Devices, Groups, Users, or High-Value Applications

Epiphany's exposure widgets provide information to help you identify which of your devices, groups, users, or high-value applications are at risk of exposure to an attacker.&#x20;

### **Features of Each Exposure W**idget

The exposure widgets show information about the number of exposed devices, groups, users, or high-value applications. These widgets show information in a similar way.

![](/files/nb6M7Tf70pX5fdNFaB83)

This is how the elements of each Exposure widget work:

* The number in the circle is the number of exposed items. You can roll your mouse over the circle to display a key for what the colors in the circle mean.
* Click on the number in the circle or on a color in the circle to display further details about the exposed item.
* The tiny circles represent dates. Click on one of these circles to see the date change at the bottom of the widget, and the number in the circle as well as the colors change to represent that date.
* The circle for the selected date is shown in yellow.
* There is a bar graph directly above the date. It shows change over time for that date.

### Exposed Devices

**Exposed Devices** tracks the number of devices present in attack paths. It shows how many devices are potentially exposed to an attacker if that path is leveraged.

![](/files/eBb9dC2k3WfpaywxGyXf)

The number in the circle is the number of exposed devices.

Click on the circle to display further details about each exposed device: the device **Name**, the number of attack paths it is **Present In**, the number of **Prizes** on the device, **Groups** exposed, and the data **Source**s that are reporting about the device.

![Exposed Devices detail.](/files/Rt5jWxg832z7Nysl46dR)

### Exposed Groups

**Exposed Groups** tracks the number of groups (if the connected identity data source has them) that are present in attack paths, just like **Exposed Devices**.

![](/files/iVutQQmXF69teUs4SeH5)

The number in the circle is the number of exposed groups.

Click on the circle to display information about each exposed group: the group **Name**s, how many devices the group provides **Admin Rights** to, how many **Users** are part of the group, and what identity **Source** is providing information about the group.

<figure><img src="/files/s89ppb5d52RDWaCSttyu" alt=""><figcaption><p>Exposed Groups detail.</p></figcaption></figure>

### Exposed Users

**Exposed Users** gives you visibility into the risk a particular identity in an attack path poses to your environment from all the identity sources connected to Epiphany.

![](/files/3m9yA3DhBTty5gHLLeKH)

The number in the circle is the number of exposed users.&#x20;

Click on the circle to display information about each exposed user: the user's **Name**, how many devices they're **Found On**, how many devices they have direct and inherited (through a group membership) **Admin Rights** to, their **Group** memberships (select **Details** to see this), and the data **Source** reporting information about the user.&#x20;

<figure><img src="/files/EYoolqkryZxCgmrDjv4s" alt=""><figcaption><p>Exposed Users detail.</p></figcaption></figure>

### High Value Applications

**High Value Applications** is one of Epiphany's default methods for targeting attack paths and understanding key areas of potential material impact. Epiphany attempts to build attack paths to control systems (such as domain controllers), communications systems (such as exchange servers), and data storage locations (such as SQL, Oracle, EC2, etc.) to give you an understanding of how many unique systems are directly in the path of the attacker.

![](/files/7qqmgR7PArS06UK8AeqW)

The number in the circle is the number of high-value applications in an attack path.&#x20;

Click on the number (116 in the image) or on a color in the circle to display information about each high value application in an attack path: the **Name** of the application, which device it is **Found On**, the number of attack **Paths** leading to it, and when it was found (**Last Seen**).

![High Value Applications detail.](/files/349inu7DVPmMKq4vBQZk)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.reveald.com/technical-documentation/epiphany-workflows/technical-analysis/create-an-analysis-focused-dashboard/exposure-widgets.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.