Reference Guide
Security Management Server - AdminHelp v9.8
239
Threats - Lists all threats discovered in your organization. This information includes File Name and File
Status (Unsafe, Abnormal, Waived, and Quarantined).
Devices - Lists all devices in your organization that have an Agent installed. This information includes Device
Name, OS Version, Agent Version, and Policy applied.
Events - Lists all events related to the Threat Events Graph on the Dashboard for the last 30 days. This
information includes File Hash, Device Name, File Path, and the Date the event occurred.
Indicators - Lists each threat and the associated threat characteristics.
Cleared - Lists all files that have been cleared in your organization. This information includes files that were
Waived, added to the Safe List, or deleted from the quarantine folder on a device.
Export Data
To access the exported data:
1. Select Generate token.
2. Copy the URL of the desired data and paste it into a web browser address field.
3. In the URL, replace [Token] with the generated token displayed in the Token field.
To disable access to the exported data, select Delete or regenerate to invalidate the current token. After
regenerating a token, provide it to persons who should have continued access to the exported data.
Advanced Threat Prevention Classifications
The Advanced Threat Prevention Classifications pane shows a heat map of threats. The color indicates the
priority classification of the threat. The size of the box indicates the relative number of endpoints that have
a particular threat. This classification helps administrators determine which threats and devices to address
first. Click a threat to view threat and device details.
Threat classifications include the following:
Malware
• Trojan
• Downloader
Potentially Unwanted Programs (PUP)
• Adware
• Hacking Tool
• Portable Application
Enable Compatibility Mode for Memory Protection
Compatibility Mode allows applications to run on the client computer while Memory Protection or Memory
Protection and Script Control policies are enabled. Compatibility Mode is enabled through a registry setting
or a command on the client computer. Compatibility Mode does not apply to Mac clients.
To enable Compatibility Mode with a registry setting:
1. In the Remote Management Console, disable the Memory Protection Enabled policy. If the Script
Control policy is enabled, disable it.