Views:

Suspicious objects are digital artifacts resulting from an analysis completed by Trend Micro Deep Discovery products or other sources. Apex One can synchronize suspicious objects and retrieve actions against these objects from a Control Manager 7.0 (or later) or the Apex Central 2019 (or later) on-premises server (that is connected to Deep Discovery).

After subscribing to Control Manager or Apex Central, select the types of suspicious objects to monitor C&C callbacks or possible targeted attacks identified by agents on the network. Suspicious objects include:

  • Suspicious URL List

  • Suspicious IP List

  • Suspicious File List

  • Suspicious Domain List

Note:

If Apex One is subscribed to Deep Discovery Analyzer, only the suspicious URL list is available. After you unsubscribe Apex One from Deep Discovery Analyzer, it is not possible to re-subscribe. Apex One must subscribe to Apex Central with a connected to Deep Discovery to synchronize suspicious objects.

For more information about how Apex Central manages suspicious objects, see the Apex Central Administrator's Guide.