Provides specific information about advanced unknown
threats detected by Predictive Machine Learning
Detailed Predictive Machine Learning Information
|
Data
|
Description
|
|
Detection Time
|
The date and time the managed product server or the Security Agent
detected the threat
|
|
Received
|
The date and time Apex Central received
the data from the managed product
|
|
Product Entity/Endpoint
|
Depending on the related source:
|
|
Product/Endpoint IP
|
Depending on the related source:
|
|
Product
|
The name of the managed product or service
|
|
Server
|
The display name of the managed product
server in Apex Central
|
|
Probable Threat Type
|
The most likely type of threat contained in the file after Predictive
Machine Learning compared the analysis to other known threats
|
|
Security Threat
|
The name of the security threat
|
|
Logon User
|
The logged on user name at the time of the event
|
|
Type
|
The type of object that triggered the detection ("File" or "Process")
|
|
File Path
|
The path of the file object or the path of the
program that executed the process
|
|
File Creation Time
|
The date and time the file object was created
|
|
Parent Process
|
The process that triggered the detected process
|
|
Process Command
|
The command that executed the detected process
|
|
Process Owner
|
The user name that triggered the detected process
|
|
Endpoint Infection Channel
|
The channel that the threat originated from
|
|
Infection Source
|
The origin of the threat
|
|
Threat Probability
|
How closely the file/process matched the malware model
|
|
Action Result
|
The result of the action taken by the managed
product
|
|
Subject
|
The subject of the email message that triggered the
detection
|
|
Delivery Time
|
The date and time the email message was delivered to the mail
server
|
|
Sender
|
The sender of the email message that triggered the
detection
|
|
Recipients
|
The recipient(s) of the email message that triggered
the detection
|
|
Cloud Service Vendor
|
The name of the cloud service vendor
|