[Security Solution][Entity Analytics][Risk Scoring] Update risk information flyout text and add management link (elastic#243596)

abhishekbhatia1710 · web-flow · commit 8d9c472e4dc1 · 2025-11-26T09:51:56.000+01:00
## Summary This PR updates the Risk Information flyout to improve clarity and add a link to the entity risk scoring management screen. ### Changes: - Updated terminology from "hosts and users" to "entities" for consistency - Added a link to the entity risk scoring management screen in the risk calculation explanation - Improved the description of asset criticality behavior to reflect that it's based on assigned criticality levels rather than feature enablement ### Related Issue: [EA-12731](elastic/security-team#12731) ### Checklist: - [x] Updated text for better clarity and consistency - [x] Added link to management screen for better user guidance - [x] Verified linting passes ### Screenshot <img width="878" height="836" alt="image" src="https://github.com/user-attachments/assets/8b1f3333-f9d4-4328-ac2c-4992d57ef6b7" />
diff --git a/x-pack/platform/plugins/private/translations/translations/de-DE.json b/x-pack/platform/plugins/private/translations/translations/de-DE.json
@@ -38116,7 +38116,7 @@
     "xpack.securitySolution.riskInformation.howOftenTitle": "Wie oft wird das Risiko berechnet?",
     "xpack.securitySolution.riskInformation.introText": "Entity Risk Analytics identifiziert riskante Hosts und Nutzer in Ihrer Umgebung.",
     "xpack.securitySolution.riskInformation.levelHeader": "Risikostufe",
-    "xpack.securitySolution.riskInformation.riskCalculationStep1": "Bewertet nur Nutzer und Hosts (Entitäten), die mit Erkennungs-Alerts verknüpft sind, die nicht geschlossen wurden.",
+    "xpack.securitySolution.riskInformation.riskCalculationStep1": "Bewertet nur Entitäten, die mit Erkennungs-Alerts verknüpft sind, die nicht geschlossen wurden. Dieses Verhalten kann in {managementLink} konfiguriert werden.",
     "xpack.securitySolution.riskInformation.riskCalculationStep2": "Erzeugt einen 'Alert'-Kategorie-Score, indem Alerts nach Entitäts-Identifikator aggregiert werden, sodass Alerts mit höheren Risikowerten mehr beitragen als solche mit niedrigeren Risikowerten.",
     "xpack.securitySolution.riskInformation.riskCalculationStep3": "Wenn die Feature „Asset-Kritikalität“ in Ihrem Bereich aktiviert ist, überprüft die Risikobewertung für Entitäten die Klassifizierungsstufe der Asset-Kritikalität der Entität und generiert einen Score-Modifikator in der Kategorie „Asset-Kritikalität“.",
     "xpack.securitySolution.riskInformation.riskCalculationStep4": "Erzeugt das Entitätsrisiko als normalisierte numerische Risiko-Score.",
diff --git a/x-pack/platform/plugins/private/translations/translations/fr-FR.json b/x-pack/platform/plugins/private/translations/translations/fr-FR.json
@@ -38481,7 +38481,7 @@
     "xpack.securitySolution.riskInformation.howOftenTitle": "À quelle fréquence le risque est-il calculé ?",
     "xpack.securitySolution.riskInformation.introText": "L'analyse de risque des entités détecte les hôtes et les utilisateurs risqués à l'intérieur de votre environnement.",
     "xpack.securitySolution.riskInformation.levelHeader": "Niveau de risque",
-    "xpack.securitySolution.riskInformation.riskCalculationStep1": "Uniquement les utilisateurs et les hôtes (entités) de scores associés aux alertes de détection non fermées.",
+    "xpack.securitySolution.riskInformation.riskCalculationStep1": "Seules les entités associées aux alertes de détection non fermées sont notées. Ce comportement peut être configuré dans {managementLink}.",
     "xpack.securitySolution.riskInformation.riskCalculationStep2": "Génère un score de catégorie \"Alerte\" en regroupant les alertes par identificateur d'entité, afin que les alertes ayant des scores de risque plus élevés contribuent davantage que les alertes dont les scores de risque sont moins élevés.",
     "xpack.securitySolution.riskInformation.riskCalculationStep3": "Si la fonctionnalité \"Criticité des ressources\" est activée dans votre espace, le score de risque des entités vérifie le niveau de classification de la criticité de l'entité et génère un modificateur de score dans la catégorie \"Criticité des ressources\".",
     "xpack.securitySolution.riskInformation.riskCalculationStep4": "Génère le niveau de risque des entités en tant que score numérique normalisé.",
diff --git a/x-pack/platform/plugins/private/translations/translations/ja-JP.json b/x-pack/platform/plugins/private/translations/translations/ja-JP.json
@@ -38522,7 +38522,7 @@
     "xpack.securitySolution.riskInformation.howOftenTitle": "リスクを計算する頻度",
     "xpack.securitySolution.riskInformation.introText": "Entity Risk Analyticsは、環境内のリスクのあるホストとユーザーを明らかにします。",
     "xpack.securitySolution.riskInformation.levelHeader": "リスクレベル",
-    "xpack.securitySolution.riskInformation.riskCalculationStep1": "クローズされていない検出アラートに関連付けられたユーザーとホスト（エンティティ）のみスコア付けします。",
+    "xpack.securitySolution.riskInformation.riskCalculationStep1": "クローズされていない検出アラートに関連付けられたエンティティのみスコア付けします。この動作は {managementLink} で設定できます。",
     "xpack.securitySolution.riskInformation.riskCalculationStep2": "エンティティID別にアラートを集約することで、「アラート」カテゴリスコアを生成します。リスクスコアが高いアラートがリスクスコアが低いアラートよりも大きく寄与するように設定されます。",
     "xpack.securitySolution.riskInformation.riskCalculationStep3": "スペースで「アセット重要度」機能が有効な場合は、エンティティリスクスコアによって、エンティティのアセット重要度分類ティアが検証され、「アセット重要度」カテゴリの下でスコア修飾子が生成されます。",
     "xpack.securitySolution.riskInformation.riskCalculationStep4": "正規化された数値スコアとしてエンティティリスクを生成します。",
diff --git a/x-pack/platform/plugins/private/translations/translations/zh-CN.json b/x-pack/platform/plugins/private/translations/translations/zh-CN.json
@@ -38502,7 +38502,7 @@
     "xpack.securitySolution.riskInformation.howOftenTitle": "多久计算一次风险？",
     "xpack.securitySolution.riskInformation.introText": "实体风险分析将显示您的环境中存在的有风险主机和用户。",
     "xpack.securitySolution.riskInformation.levelHeader": "风险级别",
-    "xpack.securitySolution.riskInformation.riskCalculationStep1": "仅对与尚未关闭的检测告警关联的用户和主机（实体）评分。",
+    "xpack.securitySolution.riskInformation.riskCalculationStep1": "仅对与尚未关闭的检测告警关联的实体评分。可在 {managementLink} 中配置此行为。",
     "xpack.securitySolution.riskInformation.riskCalculationStep2": "通过按实体标识符聚合告警来生成“告警”类别分数，从而使风险分数高的告警贡献高于风险分数低的告警。",
     "xpack.securitySolution.riskInformation.riskCalculationStep3": "如果在工作区中启用了“资产关键度”功能，实体风险评分会验证实体的资产关键度分类层，并在“资产关键度”类别下生成分数修饰符。",
     "xpack.securitySolution.riskInformation.riskCalculationStep4": "以标准化数字分数的形式生成实体风险。",
diff --git a/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/risk_information/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/entity_analytics/components/risk_information/index.tsx
@@ -36,6 +36,8 @@ import {
 } from '../../../../common/entity_analytics/asset_criticality';
 import { AssetCriticalityBadge } from '../asset_criticality';
 import { EntityAnalyticsLearnMoreLink } from '../entity_analytics_learn_more_link';
+import { SecuritySolutionLinkAnchor } from '../../../common/components/links';
+import { SecurityPageName } from '../../../../common/constants';
 
 const SpacedOrderedList = styled.ol`
   li {
@@ -141,7 +143,7 @@ export const RiskInformationFlyout = ({ handleOnClose }: { handleOnClose: () =>
           <p>
             <FormattedMessage
               id="xpack.securitySolution.riskInformation.introText"
-              defaultMessage="Entity Risk Analytics surfaces risky hosts and users from within your environment."
+              defaultMessage="Entity Risk Analytics surfaces risky entities within your environment."
             />
           </p>
           <p>
@@ -203,7 +205,19 @@ export const RiskInformationFlyout = ({ handleOnClose }: { handleOnClose: () =>
             <li>
               <FormattedMessage
                 id="xpack.securitySolution.riskInformation.riskCalculationStep1"
-                defaultMessage="Only scores users and hosts (entities) associated with detection alerts that have not been closed."
+                defaultMessage="Only scores entities associated with detection alerts that have not been closed. This behavior is configurable in the {managementLink}."
+                values={{
+                  managementLink: (
+                    <SecuritySolutionLinkAnchor
+                      deepLinkId={SecurityPageName.entityAnalyticsManagement}
+                    >
+                      <FormattedMessage
+                        id="xpack.securitySolution.riskInformation.managementScreenLink"
+                        defaultMessage="entity risk scoring management screen"
+                      />
+                    </SecuritySolutionLinkAnchor>
+                  ),
+                }}
               />
             </li>
             <li>
@@ -215,7 +229,7 @@ export const RiskInformationFlyout = ({ handleOnClose }: { handleOnClose: () =>
             <li>
               <FormattedMessage
                 id="xpack.securitySolution.riskInformation.riskCalculationStep3"
-                defaultMessage="If the 'Asset Criticality' feature is enabled in your space, entity risk scoring verifies the asset criticality classification tier of the entity and generates a score modifier under the 'Asset Criticality' category."
+                defaultMessage="If an asset criticality level has been assigned to the entity, entity risk scoring retrieves the criticality level and applies a score modifier under the 'Asset Criticality' category."
               />
               <EuiSpacer size="s" />
               <EuiBasicTable
