AI Guardian Dashboard has the tools to help you analyze and keep track of all discovered threats. It contains information about every email that was processed by AI Guardian.

Note: this feature is not available with AI Guardian Standard. Read our Knowledge Base article AI Guardian Premium Overview to know more about AI Guardian Premium.

Logging Into Dashboard

AI Guardian Dashboard can be accessed from your HostPilotĀ® Control Panel in Services > Email Protection Premium > AI Guardian > AI Guardian Dashboard. This will open new tab in the browser and you will be automatically logged into the portal.



In the portal navigate to Threats tab. It will give you a table summary of all the Inbound targeted threats that have been detected in your organization.


You can search incidents by the Subject of the email, User Name or Email Address and Incident ID.

The list will shows date, affected user, triggered policy, email subject and taken action.

Note: by default Ransomware, Extortion and Credential Phishing policies are enabled with Body Tag action with the default text applied:

  • Extortion and Ransomware:
    Potential threat warning - This email looks like could be threatening you with a potentially harmful action/fee - Be cautious clicking on any links/attachments, check the sender's email address, if you believe this to be legitimate, contact your IT team.
  • Phishing:
    Potential phishing warning -This email looks like it could trick you into sharing your credentials with a fake party. Please be cautious when clicking any links in this email or its attachments and check the sender's email address. If in doubt, contact your IT team.

Other policies are enabled in No Action state. Read our Knowledge Base article AI Guardian Dashboard Policies to know how to configure policies for AI Guardian.


All incidents will appear in Open status by default. You can change it to In Progress while you are investigating and mark as Resolved once completed.


Most actions will be taken by AI Guardian system automatically according to the configured policies. Some incident will require review and taking action manually. Such incidents will appear with Need Review status. Incidents will also appear in this status if No Action is configured in the Policy Actions.

You can click three dots to the right of the incident status to see list of available actions. You can

    • Move email to Quarantine
    • Delete from mailbox
    • or Ignore the incident


Clicking on the incident will open detailed page showing additional information.


Email DLP

Email DLP page will give you a table summary of PII/PCI violations disclosed in emails sent Outside of your organization.

It has the same options and actions available as inbound Threats page.


Overview Dashboard

Overview Dashboard provide you the summary of all detected incidents with the tools to monitor and analyze threats.

It has separate Threats Dashboard for Incoming and Data Loss Dashboard for Outgoing threats.


Threat Dashboard

On the top right you can adjust the time filters to show data for the past 24 hours, 1 week, 1 month, 1 year or all time.

You can select additional filters to show only threats that trigger specific policy or only threats with specific status.


Charts will show you percentage of threats for each policy.

In the bottom you can see the list of most attacked VIPs and most attacked users.


Data Loss

Data Loss dashboard shows the same information for Outbound emails.

You can view outbound threats sorted by policies.


In the bottom you can see the list of the users whose emails were caught by the Outbound policies most often.