Suspicious objects are digital artifacts resulting from an analysis completed by Trend Micro Deep Discovery products or other sources. Apex One can synchronize the Suspicious Object lists and retrieve actions against these objects from one of the following sources:
- Apex Central
- Deep Discovery Analyzer 5.1 (or later)
- A Control Manager 7.0 (or later) or the Apex Central 2019 (or later) on-premises server (that is connected to Deep Discovery)

You must subscribe Apex One to a suspicious object source to synchronize the Suspicious Object lists. If Apex One is subscribed to Deep Discovery Analyzer, only the suspicious URL list is available.

After you subscribe Apex One to a suspicious object source, select the types of suspicious objects to monitor for C&C callbacks or possible targeted attacks identified by agents on the network. Suspicious objects include:
- Suspicious URL List
- Suspicious IP List
- Suspicious File List
- Suspicious Domain List