Provides specific information about advanced unknown threats detected by Predictive Machine Learning
|
Data |
Description |
|---|---|
|
Detection Time |
The date and time the managed product server or the Security Agent detected the threat |
|
Received |
The date and time Apex Central received the data from the managed product |
|
Product Entity/Endpoint |
Depending on the related source:
|
|
Product/Endpoint IP |
Depending on the related source:
|
|
Product |
The name of the managed product or service |
|
Server |
The display name of the managed product server in Apex Central |
|
Probable Threat Type |
The most likely type of threat contained in the file after Predictive Machine Learning compared the analysis to other known threats |
|
Security Threat |
The name of the security threat |
|
Logon User |
The logged on user name at the time of the event |
|
Type |
The type of object that triggered the detection ("File" or "Process") |
|
File Path |
The path of the file object or the path of the program that executed the process |
|
File Creation Time |
The date and time the file object was created |
|
Parent Process |
The process that triggered the detected process |
|
Process Command |
The command that executed the detected process |
|
Process Owner |
The user name that triggered the detected process |
|
Endpoint Infection Channel |
The channel that the threat originated from |
|
Infection Source |
The origin of the threat |
|
Threat Probability |
How closely the file/process matched the malware model |
|
Action Result |
The result of the action taken by the managed product |
|
Subject |
The subject of the email message that triggered the detection |
|
Delivery Time |
The date and time the email message was delivered to the mail server |
|
Sender |
The sender of the email message that triggered the detection |
|
Recipients |
The recipient(s) of the email message that triggered the detection |