In Safetica NXT, each event is assigned one of four risk levels (high-risk, medium-risk, low-risk, or info) based on various factors that determine how likely it is to cause a data leak. For example, sending data via instant messaging might be a low-risk event, while uploading data from a network drive to webmail should be considered a high-risk operation.
To see which policies were triggered and what other reasons (such as sensitive content found or activities detected outside working hours) are there to classify an event as high, medium, or low-risk, hover the mouse on the risk level of that event.
The same info can also be found in the Risk analysis tab of each event detail:
How to recognize risky events?
Individual risk levels are indicated by colors - from grey for Info events to red for High-risk events.
High-risk events are also highlighted by a red exclamation mark in the Events per user table.