Threat information received from the following data sources prompts Threat Mitigator to issue mitigation tasks to the affected endpoints.
Threat Management Agent can monitor Trend Micro™ OfficeScan™ security risk logs and perform mitigation if necessary.
The log monitoring feature supports OfficeScan 10 and later and only checks virus/malware detection logs during Real-time Scan.
Note: OfficeScan provides other scan types, such as Manual Scan and Scheduled Scan.
Threat mitigation is triggered when virus/malware detection logs contain any of the following scan results:
Quarantined
Unable to quarantine the file
Unable to clean or quarantine the file
Renamed
Unable to rename the file
Unable to clean or rename the file
Deleted
Unable to delete the file
Unable to clean or delete the file
During threat mitigation, the agent retrieves the path of an infected file and then uses the Pattern-free Mitigation Engine to check for other files or processes associated with the infected file.
This screen displays a list of Threat Discovery Appliance devices registered to Threat Mitigator. The registered Threat Discovery Appliance devices send information gathered from the network to Threat Mitigator. Threat Mitigator analyzes and assesses the data to determine mitigation action.
Use the Threat Discovery Appliance console to register the appliance to Threat Mitigator.
Note: Use the Trash icon () to remove Threat Discovery Appliance from the list. When you remove the appliance from the list, the appliance continues to send mitigation requests to Threat Mitigator, but Threat Mitigator ignores the requests. Unregister Threat Discovery Appliance from Threat Mitigator to prevent the appliance from sending mitigation requests. Unregistration is done from the Threat Discovery Appliance console.