Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

241

242

243

244

245

246

247

248

249

250

Manage Policies

If the file has been uploaded for analysis, the Detailed Threat Data pane may display a comprehensive

summary of the static and dynamic characteristics of the file including additional file metadata, file

structure details, and dynamic behaviors such as files dropped, registry keys created or modified, and

URLs with which it attempted to communicate.

Note: If no results display in the Detailed Threat Data pane, the file has not yet been uploaded for

analysis. Debug logging may provide information about why the file was not uploaded.

Script Control Table

The table lists details about Active and PowerShell scripts that have been blocked or have triggered an

alert and the affected devices.

Columns display the file name, interpreter (PowerShell or ActiveScript), last found, drive type (such as

internal hard drive), SHA256, Number of devices on which the script is found, and Number of

occurrences that were blocked or triggered alerts.

To filter column data, click the filter icon on a column header and select values to include or exclude.

Manage Enterprise Advanced Threats - Agents

After an Advanced Threat Prevention client is installed on an endpoint computer, it is recognized by the Dell

Server as an agent.

Agents Table Data, Explained

 Name - The name of the agent on the endpoint computer.

 State - State of the agent, online or offline. A computer is in the offline state after three failed

attempts in a 15-minute period to contact the Cylance server.

 Offline Date - If applicable, the date on which the agent went offline.

 Files Analyzed - Number of files analyzed on the endpoint computer.

 Unsafe - Number of files deemed Unsafe on the device. An unsafe file has characteristics that

greatly resemble malware.

 Quarantined - Number of files Quarantined on the device.

 Waived - Number of Waived files on the device.

 Abnormal - Number of Quarantined files on the device.

 Exploit Attempts - Number of exploit attempts on the device.

Commands

To export details about an agent or remove an agent from the list:

Export - Creates and downloads a CSV file that contains device information (Name, State, Policy, etc.).

Remove - Removes selected agents from the Agent Table. This does not uninstall the agent from the

device.

Manage Enterprise Advanced Threats - Certificate

The Certificate tab allows you to upload a certificate for the purpose of safelisting it.

Certificates must be in .cer or .crt format.

To upload a certificate, follow these steps:

234