Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

241

242

243

244

245

246

247

248

249

250

Security Management Server v10.2.10 AdminHelp

235

4. Click Upload Certificate.

5. Click OK once the upload is successful.

For instructions about how to safelist a certificate, see

Manage Enterprise Advanced Threats - Global

List.

Manage Enterprise Advanced Threats - Cylance Score and Threat Model Updates

A Cylance score is assigned to each file that is deemed Abnormal or Unsafe. The score represents the

confidence level that the file is malware. The higher the number, the greater the confidence.

Threat Model Updates

The predictive threat model used to protect devices receives periodic updates to improve detection

rates.

Two columns on the Protection page in the Management Console show how a new threat model affects

your organization. Display and compare the Production Status and New Status columns to see which

files on devices might be impacted by a model change.

To view the Production Status and New Status columns:

1. In the left pane, click Populations > Enterprise.

2. Select the Advanced Threats tab.

3. Click the Protection tab.

4. Click the down-arrow on a column header in the table.

5. Hover over Columns.

6. Select the Production Status and New Status columns.

Production Status - Current model status (Safe, Abnormal or Unsafe) for the file.

New Status - Model status for the file in the new model.

For example, a file that was considered Safe in the current model might change to Unsafe in the new

model. If your organization needs that file, you can add it to the Safe list. A file that has never been seen

or score by the current model might be considered Unsafe by the new model. If your organization needs

that file, you can add it to the Safe list.

Only files found on device in your organization and that have a change in its Cylance Score are

displayed. Some files might have a score change but still remain within its current Status. For example,

if the score for a file goes from 10 to 20, the file status may remain Abnormal and the file appears in the

updated model list (if this file exists on devices in your organization).

The information for the model comparison comes from the database, not your devices. So no re-

analysis is done for the model comparison. However, when a new model is available and the proper

Agent is installed, a re-analysis is done on your organization and any model changes are applied.

Compare Current Model with New Model

You can now review differences between the current model and the new model.

The two scenarios you should be aware of are:

Production Status = Safe, New Status = Abnormal or Unsafe

• Your Organization considers the file as Safe

• Your Organization has Abnormal and/or Unsafe set to Auto-Quarantine