Manualshelf

Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
919293949596979899100
Navigate the Dell Server
86
Severity - Severity of the threat, where Critical is the most dangerous threat to the endpoint, and
Information is just a notification of an event that is unlikely to harm the endpoint. (Critical, Major, Minor,
Caution, Information)
Category - Category of the threat. Upon identification, threats are sorted into these categories: Malware,
Web Filtering, Web Protection, and Firewall.
Event ID - Unique number assigned to each threat event.
Description - Description of the last preventative action taken to handle the threat.
User Name - The DOMAIN\Username associated with the endpoint where the threat was identified.
Received - Date/time stamp when the last action was taken to handle a threat.
Navigate the Threat Event Data
To sort the data, click a column header.
Use the controls at the bottom of the page to:
Advance to the top of the data.
Go back one page.
Go forward one page.
Advance to the end of the data.
Increase or reduce the items per page.
View the range of items currently displayed.
Refresh the data.
Endpoint Advanced Threats
This page allows you to view, export, quarantine, or waive unsafe files that trigger events on the
selected endpoint.
An event is not necessarily a threat. An event is generated when a recognized file or program is
quarantined, safe listed, or waived. Threats are a category of events that are newly detected as
potentially unsafe files or programs and require guided remediation.
1. In the left pane, click Populations > Endpoints.
2. Search or select a hostname, then the Advanced Events tab.
List of Events
The list presents all files that have triggered events found on this device.
Columns
Icon - An icon displays in this column, when available.
Name - File triggering the event.
File Paths - The location of the file on the device.
Cylance Score - A score is assigned to each file that is deemed Abnormal or Unsafe. The score
represents the confidence level that the file is malware. The higher the number, the greater the
confidence.
Status - Indicates whether the file has been quarantined or waived.
Classification - Classification of the threat: High, Medium, or Low. For details, see Advanced
Threat Protection Classifications.
First Found - Date/timestamp that the file was first found.
Running - Indicates whether the file that triggered the event is running or not.
Auto Run - Indicates whether the file was set to automatically run upon startup.
Detected By - Indicates whether the file was detected by Execution Control or by Memory
Protection.