User-Defined Suspicious Objects

Consolidate suspicious object information based on input from different sources.

The User-Defined Suspicious Objects screen (Detections → User-Defined Suspicious Objects) contains the User-Defined Suspicious Objects list and the Exception list.

Suspicious objects are known malicious or potentially malicious domains, file SHA-1, file SHA-256, IP addresses, or URLs. Exceptions are objects that are considered safe.

Note

Deep Discovery Inspector retrieves the User-Defined Suspicious Objects list and the Exception list from Trend Vision One, Deep Discovery Director, and Apex Central.

The following table outlines the actions available on the User-Defined Suspicious Objects screen.

Action

Description

Display the User-Defined Suspicious Objects list

Click on the Suspicious Objects tab to display the User-Defined Suspicious Objects list.

Display the Exceptions list

Click on the Exceptions tab to display the Exceptions list.

Filter object data

Use the search field or object type list to filter objects.

Tip

The search field is not case-sensitive and allows partial matches.

Sort list

Click any of the column titles to sort the User-Defined Suspicious Objects list or the Exceptions list.

Note

You can sort only one column at a time.

Export all synchronized data

On the Suspicious Objects tab, click Export All (

) to export all synchronized suspicious object data into a CSV file.

On the Exceptions tab, click Export All (

) to export all synchronized exceptions data into a CSV file.

/*<![CDATA[*/ $('#title').html($('meta[name=description]').attr('content')); /*]]>*/