Advanced Threat Events

Table 1. Advanced Threat Events

| Event | Description |
| --- | --- |
| High risk Virtual Analyzer detections | Suspicious objects with high severity detections, as reported by Virtual Analyzer |
| High risk host detections | Hosts with high severity detections |
| SHA-1 Deny List detections | Detections that match SHA-1 values in the Deny List |
| Known targeted attack behavior | Detections that match known targeted attack behavior |
| Potential document exploit detections | Detections that match embedded exploit code |
| Rootkit or hacking tool detections | Detections that match known rootkit characteristics |
| Worm or file infector propagation detections | Detections that match known worm or file infector characteristics |
| Correlated incidents | Detections that match the Deep Discovery Inspector correlation rule |