Provides specific information about email messages
with advanced threats, such as anomalous behavior, false or misleading data,
suspicious and malicious behavior patterns, and strings that indicate system
compromise but require further investigation to confirm
|
Data
|
Description
|
|
Received
|
The date and time Trend Micro Apex Central received
the data from the managed product
|
|
Product Entity
|
The display name of the managed product
server in Trend Micro Apex Central
|
|
Product
|
The name of the managed product or service
Example: Apex One, ScanMail for Microsoft Exchange
|
|
Recipients
|
The recipient(s) of the email message that triggered
the detection
|
|
Sender
|
The sender of the email message that triggered the
detection
|
|
Subject
|
The subject of the email message that triggered the
detection
|
|
Attachment Count
|
The number of email attachments
|
|
Attachment
|
The name of the email attachment
|
|
Attachment Type
|
The type of email attachment
|
|
Action
|
The action taken by the managed product
Example: deliver, strip, quarantine
|
|
Threat Type
|
The type of security threat
|
|
Threat Name
|
The name of the security threat
|
|
Risk Level
|
The email message risk level after investigation
|
|
Source IP
|
The message transfer agent (MTA) IP address nearest to the email
sender
|
|
Message ID
|
The administrator-configured unique message ID
|
|
Link Count
|
The number of links in the email message
|
|
Links
|
The list of links in the email message
|