Reference Guide
Navigate the Dell Server
40
Click a file type for details of the events of that type.
File types include:
Unsafe - A suspicious file with a high score (-60 to –100) likely to be malware
Abnormal - A suspicious file with a lower score (-1 to –59) less likely to be malware
Quarantined - A file that is moved from its original location, stored in the Quarantine folder, and
prevented from executing on a specific device.
Waived - A file allowed to execute on a specific device.
Cleared - A file that has been cleared within the organization. Cleared files include files that are Waived,
added to the Safe list, and deleted from the Quarantine folder on a device.
For more detail about events, see Advanced Threat Prevention Classifications and
Advanced Threats
Top Ten
Advanced Threats by Priority
Advanced Threats by Priority classifies suspicious files by priority levels of High, Medium, and Low. This
prioritization helps administrators determine which threats and devices to address first. To view a list of
threats with the corresponding priority level, click a value in Advanced Threats by Priority on the
dashboard.
Files are analyzed for the following attributes:
The file has a Cylance score greater than 80.
A score is assigned to each file that is deemed Abnormal or Unsafe. The score represents the
confidence level that the file is malware. The higher the number, the greater the confidence.
The file is currently running.
The file has been run previously.
The file is set to auto run.
The file is detected by Execution Control.
Files are prioritized based on the number of the above attributes it has:
Low = 0-1 attributes
Medium = 2-3 attributes
High = 4-5 attributes
As an example, following is the analysis of three threats:
Threat 1
Attribute Attribute Value Score
Cylance score 90 +1
Currently running on any
device
True +1
Ever run on any device True +1