Manualshelf

Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
251252253254255256257258259260
Manage Policies
With SIEM integration, to export data about threats, select Threat Data Report on the Options tab. For
instructions and a description of exportable data, see Threat Data Report
.
Threat Data Report
Select Threat Data Report on the Options tab to enable threat data export to .csv files.
The following types of data are available for export:
Threats - Lists all threats discovered in your organization. This information includes file name and File Status
(unsafe, abnormal, waived, and quarantined).
Devices - Lists all devices in your organization that have an Agent installed. This information includes device
name, operating system version, agent version, and policy applied.
Events - Lists all events related to the Threat Events graph on the dashboard for the last 30 days. This
information includes file hash, device name, file path, and the date the event occurred.
Indicators - Lists each threat and the associated threat characteristics.
Cleared - Lists all files that have been cleared in your organization. This information includes files that were
waived, added to the safe list, or deleted from the quarantine folder on a device.
Export Data
To access the exported data:
1. Select Generate token.
2. Copy the URL of the desired data and paste it into a web browser address field.
3. In the URL, replace [Token] with the generated token displayed in Token.
To disable access to the exported data, select Delete or regenerate to invalidate the current token. After
regenerating a token, provide it to persons who should have continued access to the exported data.
Advanced Threat Prevention Classifications
The Advanced Threat Prevention Classifications pane shows a heat map of threats. The color indicates
the priority classification of the threat. The size of the box indicates the relative number of endpoints that
have a particular threat. This classification helps administrators determine which threats and devices to
address first. Click a threat to view threat and device details.
Threat classifications include the following:
Malware
Trojan
Downloader
Potentially Unwanted Programs (PUP)
Adware
Hacking Tool
Portable Application
Enable Compatibility Mode for Memory Protection
240