Reference Guide
Navigate the Dell Server
Web Filter - Includes threats related to web browsing and downloads.
Web Protection - Includes threats related to web browsing and downloads.
Firewall - Includes suspicious communications related to incoming or outgoing traffic and any attacks.
Uncategorized - Lists the number of threats that do not belong in other event counts.
Advanced Threat Prevention Events
The Advanced Threat Prevention Events pane displays a timeline of Advanced Threat events over the course
of a month, by file type as assigned by Advanced Threat Prevention.
Click a file type for details of the events of that type.
File types include:
Unsafe - A suspicious file with a high score (-60 to -100) likely to be malware
Abnormal - A suspicious file with a lower score (-1 to -59) less likely to be malware
Quarantined - A file that is moved from its original location, stored in the Quarantine folder, and prevented
from executing on a specific device.
Waived - A file allowed to execute on a specific device.
Cleared - A file that has been cleared within the organization. Cleared files include files that are Waived,
added to the Safe list, and deleted from the Quarantine folder on a device.
For more detail about events, see Advanced Threat Prevention Classifications and Advanced Threats Top Ten.
Advanced Threats by Priority
Advanced Threats by Priority classifies suspicious files by priority levels of High, Medium, and Low. This
prioritization helps administrators determine which threats and devices to address first. To view a list of
threats with the corresponding priority level, click a value in the Advanced Threats by Priority field on the
Dashboard.
Files are analyzed for the following attributes:
The file has a Cylance score greater than 80.
A score is assigned to each file that is deemed Abnormal or Unsafe. The score represents the
confidence level that the file is malware. The higher the number, the greater the confidence.
The file is currently running.
The file has been run previously.
The file is set to auto run.
The file is detected by Execution Control.
Each file is prioritized based on how many of the above attributes it has:
Low = 0-1 attributes
Medium = 2-3 attributes
High = 4-5 attributes
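The counting rule above, written out as an added example that is not part of the Dell guide or the product's own code: it counts the five listed attributes per file, maps the count to Low, Medium or High, and orders a triage queue accordingly. The record field names and the sample records are assumptions constructed for illustration, not the console's export format.

```python
from dataclasses import dataclass

SCORE_THRESHOLD = 80  # "Cylance score greater than 80", as stated in the guide


@dataclass
class ThreatRecord:
    # Field names are assumptions for this example, not the product's schema.
    file_name: str
    device: str
    cylance_score: int
    running: bool
    ran_previously: bool
    auto_run: bool
    execution_control: bool


def attribute_count(t: ThreatRecord) -> int:
    """Count how many of the five listed attributes apply to the file."""
    return sum([
        t.cylance_score > SCORE_THRESHOLD,
        t.running,
        t.ran_previously,
        t.auto_run,
        t.execution_control,
    ])


def priority(t: ThreatRecord) -> str:
    """Map the attribute count to the bands: 0-1 Low, 2-3 Medium, 4-5 High."""
    n = attribute_count(t)
    if n >= 4:
        return "High"
    if n >= 2:
        return "Medium"
    return "Low"


def triage_queue(threats):
    """Order records so files with the most attributes are addressed first."""
    return sorted(threats, key=lambda t: (-attribute_count(t), t.device, t.file_name))


# Constructed sample records, not real detections.
SAMPLE = [
    ThreatRecord("setup_helper.exe", "LAPTOP-01", 45, False, True, False, False),
    ThreatRecord("updater.dll", "DESKTOP-07", 92, True, True, True, False),
    ThreatRecord("report_viewer.exe", "LAPTOP-03", 85, False, True, False, False),
]

if __name__ == "__main__":
    for t in triage_queue(SAMPLE):
        print(f"{priority(t):<6} {attribute_count(t)}/5  {t.device}  {t.file_name}")
```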
As an example, following is the analysis of three threats: