Handling Process

The Handling Process screen breaks down the suspicious object handling process into phases.

Note:

A detailed explanation of the handling process is discussed in Suspicious Object Management and Handling Process.

Table 1. Suspicious Object Handling Process

Phase

Focus

Sample Submission

First and last submission of a sample that triggered the detection of the suspicious object

Analysis

The analyzing product, a link to an analysis report, and a list of notable characteristics exhibited by the suspicious object

Distribution

A list of Trend Micro products to which Control Manager sends suspicious objects

Impact Assessment

List of at-risk endpoints (endpoints affected by suspicious objects) and suspicious activities on these endpoints

Managed products took a "passive" action (such as Log or Pass) against these suspicious objects. If products took an "active" action, the endpoints will be listed under the Mitigation tab.

Click a link under Suspicious Activities to investigate further or open a new screen showing the sequence of activities in a graph.

Mitigation

"Active" actions (such as Block, Quarantine, or Delete) taken against suspicious objects during mitigation tasks