Provides specific information about endpoints with spyware/grayware detections, such
as the managed product that detected the spyware/grayware, the type of scan that
detected the spyware/grayware, and the file path on the endpoint to the detected
spyware/grayware
Endpoint Spyware/Grayware Data View
|
Data
|
Description
|
|
Received
|
The date and time Apex Central received
the data from the managed product
|
|
Generated
|
The date and time the managed product generated the
data
|
|
Product Entity/Endpoint
|
Depending on the related source:
|
|
Product/Endpoint IP
|
Depending on the related source:
|
|
Product
|
The name of the managed product or service
Example: Apex One, ScanMail for Microsoft Exchange
|
|
Managing Server Entity
|
The display name of the managed product
server in Apex Central
to which the endpoint reports
|
|
Spyware/Grayware
|
The name of the security threat
|
|
Endpoint
|
The IP address or name of the endpoint that the
threat accessed
|
|
Source Host
|
The IP address or name of the endpoint from which
the security threat originated
|
|
User
|
The logged on user name at the time of the event
|
|
Scan Type
|
The type of scan that reported the event (for example,
Real-time Scan, Scheduled Scan, Manual Scan)
|
|
Resource
|
The specific resource affected by the security threat
Example:
application.exe, H
Key Local Machine\SOFTWARE\ACME |
|
Resource Type
|
The type of resource affected by the security threat
Example: registry, memory resource
|
|
Security Threat Type
|
The type of security threat
Example: adware, COOKIE, peer-to-peer application
|
|
Risk Level
|
The risk level of the security
threat
Example: High
security, Medium security, Low security
|
|
Result
|
The result of the action taken by the managed
product
Example: successful, further
action required
|
|
Action
|
The action taken by the managed product
Example: File cleaned, File quarantined, File deleted
|
|
Detections
|
The total number of detections
|
|
Cloud Service Vendor
|
The name of the cloud service vendor
|