Users Guide

Select one of the following options to display verbose Advanced Threat Prevention details:

● Show Threats

The Show Threats option displays threats that were mitigated by Advanced Threat Prevention and the following details:

File Hash ID - Displays the SHA256 hash information for the threat.

File MD5 - The MD5 hash.

Currently Running? - Is the threat currently running on the device? Running or Not Running.

File Path - The path where the threat was found. Includes the file name.

Score - Ranking of the threat.

● Show Exploits

The Show Exploits option displays exploits that were mitigated by Advanced Threat Prevention and the following details:

Event ID - Unique number assigned to each threat event.

Process ID - Displays the process ID of the application identified by Memory Protection.

Process Tag - A unique identifier categorizing processes per boot cycle.

Image Hash - Displays the SHA256 hash information for the exploit.

Image Path - The path where the exploit originates. Includes the file name.

File Version - Displays the version number of the exploit file.

● Show Scripts

The Show Scripts option displays scripts that were mitigated by Advanced Threat Prevention and the following details:

Script Path - The path where the script originates. Includes the file name.

Event ID - A unique number assigned to each script event.

File Hash ID - Displays the SHA256 hash information for the script.

File MD5 - The MD5 hash.

Drive Type - Details if the drive is internal or external.

Interpreter Name - The name of the script control feature that identified the malicious script.

Interpreter Version - The version number of the script control feature.

Advanced Threat Prevention