Threat Mitigator Components

Threat Mitigator Components

Threat Mitigator uses the following components:

Threat Mitigator components

Component

Description

Virus Scan Engine

Works with the Smart Scan Agent Pattern to identify the latest virus/malware and mixed threat attacks

Smart Scan Agent Pattern

A lightweight pattern that contains information to identify the latest virus/malware and mixed threat attacks. This pattern is used with the Smart Scan Pattern hosted on a Smart Protection Server to provide the same level of protection offered by conventional anti-malware patterns.

Damage Cleanup Engine

Scans endpoints for and repairs damage caused by malware. This engine can also check for vulnerabilities.

  • Update this component only if you have security enforcement as part of your protection strategy.

Vulnerability Pattern

Contains information about vulnerabilities in popular software products and is used to identify vulnerabilities in endpoints

  • Update this component only if you have security enforcement as part of your protection strategy.

Damage Cleanup Template

Contains cleanup information that is used by the Damage Cleanup Engine to identify malware and remove them from endpoints

Anti-rootkit Driver

Detects rootkits, sophisticated malware programs that are able to hide from Windows APIs and the detection tools that leverage them

Pattern-free
Mitigation Engine

Scans and removes threats detected by Threat Discovery Appliance

Pattern-free
Mitigation Template

Used by the Pattern-free Mitigation Engine to identify potential threats detected by Threat Discovery Appliance

Pattern Release History

Contains information about the latest patterns for supported antivirus products. Threat Mitigator uses this information to check whether endpoints are running the latest patterns.

  • Update this component only if you have security enforcement as part of your protection strategy.

Antivirus Product Detection Engine

Scans endpoints to determine whether they are running supported antivirus software

Threat
Management Agent

The program in the endpoint that:

  • Performs threat mitigation

  • Monitors endpoint security risk logs

  • Collects logs and forensic data

System Clean and Forensic Module

The module that:

  • Scans specifically for active malware to reduce scan time

  • Provides enhanced detection and cleanup to address complicated threats

  • Checks and compares scan results, and performs file recovery

Program

The program software currently installed

See also: