Detailed Predictive Machine Learning Information

This data view provides specific information about advanced unknown threats detected by Predictive Machine Learning.

Table 1. Detailed Predictive Machine Learning Information

| Data | Description |
|------|-------------|
| Detection Time | Displays the time that Predictive Machine Learning detected the threat |
| Received | Displays the time that Control Manager receives data from the managed product |
| Product Entity/Endpoint | Displays one of the following: the entity display name for a managed product; the IP address or host name of the endpoint with an agent (for example, the OfficeScan agent) installed |
| Product/Endpoint IP | Displays one of the following: the IP address of the managed product server; the IP address of the endpoint with an agent installed |
| Product | Displays the name of the managed product |
| Server | Displays the host name of the managed product server |
| Probable Threat Type | Indicates the most likely type of threat contained in the file after Predictive Machine Learning compared the analysis to other known threats |
| Security Threat | The name of the security threat determined by the Predictive Machine Learning engine |
| Logon User | Displays the user name logged on to the endpoint when the managed product detected the threat |
| Type | The type of object that triggered the detection ("File" or "Process") |
| File Path | The path of the file object or the path of the program that executed the process |
| File Creation Time | Displays the file creation time of the detected object |
| Parent Process | The process that triggered the detected process |
| Process Command | The command that executed the detected process |
| Process Owner | Displays the user name associated with the detected process |
| Endpoint Infection Channel | The channel that the threat originated from |
| Infection Source | Displays the origin of the threat |
| Threat Probability | Indicates how closely the file/process matched the malware model |
| Action Result | The result of the action taken |
| Subject | The subject of the email message that triggered the detection |
| Delivery Time | The time that the email message was delivered to the mail server |
| Sender | The sender of the email message that triggered the detection |
| Recipients | The recipients of the email message that triggered the detection |