web
You’re offline. This is a read only version of the page.
close

Online Help Center

  • Search
  • Support
    • For Home
    • For Business
  • English (US)
    • Bahasa Indonesia (Indonesian)
    • Dansk (Danish)
    • Deutsch (German)
    • English (Australia)
    • English (US)
    • Español (Spanish)
    • Français (French)
    • Français Canadien
      (Canadian French)
    • Italiano (Italian)
    • Nederlands (Dutch)
    • Norsk (Norwegian)
    • Polski (Polish)
    • Português - Brasil
      (Portuguese - Brazil)
    • Português - Portugal
      (Portuguese - Portugal)
    • Svenska (Swedish)
    • ภาษาไทย (Thai)
    • Tiếng Việt (Vietnamese)
    • Türkçe (Turkish)
    • Čeština (Czech)
    • Ελληνικά (Greek)
    • Български (Bulgarian)
    • Русский (Russian)
    • עברית (Hebrew)
    • اللغة العربية (Arabic)
    • 日本語 (Japanese)
    • 简体中文
      (Simplified Chinese)
    • 繁體中文
      (Traditional Chinese)
    • 繁體中文 HK
      (Traditional Chinese)
    • 한국어 (Korean)
This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.
Learn More Yes, I agree
  • Online Help Center
  • Apex One SaaS
  • Apex One as a Service
  • Apex Central as a Service Widget and Policy Management Guide
  • Apex Central Widgets
Table of Contents
The page you're looking for can't be found or is under maintenance
Try again later or go to the home page
Go to home page
  • Preface
    • Documentation
    • Audience
    • Document Conventions
    • Terminology
  • Introduction
    • The Dashboard
      • About the Dashboard
      • Tabs and Widgets
        • Working with Tabs
        • Working with Widgets
      • Summary Tab
        • Critical Threats Widget
        • Users with Threats Widget
        • Endpoints with Threats Widget
        • Product Component Status Widget
        • Product Connection Status Widget
        • Ransomware Prevention Widget
      • Threat Investigation Tab
        • Critical Threats Widget
      • Security Posture Tab
        • Compliance Indicators
        • Critical Threats
        • Resolved Events
        • Security Posture Chart
        • Security Posture Details Pane
      • Data Loss Prevention Tab
        • DLP Incidents by Severity and Status Widget
        • DLP Incident Trends by User Widget
        • DLP Incidents by User Widget
        • DLP Incidents by Channel Widget
        • DLP Template Matches Widget
        • Top DLP Incident Sources Widget
        • DLP Violated Policy Widget
      • Compliance Tab
        • Product Application Compliance Widget
        • Product Component Status Widget
        • Product Connection Status Widget
        • Agent Connection Status Widget
      • Threat Statistics Tab
        • Apex Central Top Threats Widget
        • Apex Central Threat Statistics Widget
        • Threat Detection Results Widget
        • Policy Violation Detections Widget
        • C&C Callback Events Widget
    • Policy Management
      • Policy Management
        • Creating a New Policy
          • Filtering by Criteria
            • Assigning Endpoints to Filtered Policies
          • Specifying Policy Targets
          • Working with Parent Policy Settings
        • Copying Policy Settings
        • Inheriting Policy Settings
        • Modifying a Policy
        • Importing and Exporting Policies
        • Deleting a Policy
        • Changing the Policy Owner
        • Understanding the Policy List
        • Reordering the Policy List
      • Policy Status
    • Policy Resources
      • Application Control Criteria
        • Defining Allowed Application Criteria
        • Defining Blocked Application Criteria
        • Application Match Methods
          • Application Reputation List
          • File Paths
            • File Path Example Usage
          • Certificates
          • Hash Values
      • Data Loss Prevention
        • Data Identifier Types
          • Expressions
            • Predefined Expressions
              • Viewing Settings for Predefined Expressions
            • Customized Expressions
              • Criteria for custom expressions
              • Creating a Customized Expression
              • Importing Customized Expressions
          • File Attributes
            • Creating a File Attribute List
            • Importing a File Attribute List
          • Keywords
            • Predefined Keyword Lists
            • How keyword lists work
              • Number of keywords condition
              • Distance condition
            • Custom keyword lists
              • Custom keyword list criteria
              • Creating a Keyword List
              • Importing a Keyword List
        • Data Loss Prevention Templates
          • Predefined DLP Templates
          • Custom DLP templates
            • Condition statements and logical pperators
            • Creating a Template
            • Importing Templates
      • Intrusion Prevention Rules
        • Intrusion Prevention Rule Properties
      • Device Control Allowed Devices
  • Apex Central Widgets
    • Apex Central Dashboard Widgets
      • Apex Central Top File-based Threats Widgets
      • Endpoint Protection Verification Widget
      • Hosts with C&C Callback Attempts Widget
      • Policy Status
      • Quick Launch
      • Unique Compromised Hosts Over Time Widget
  • Apex One Widgets
    • Apex One Dashboard Widgets
      • Top Blocked Applications
      • Top Endpoints Affected by IPS Events Widget
      • Top IPS Attack Sources
      • Top IPS Events
      • Top Violated Application Control Criteria
  • Apex One Security Agent Policies
    • Agent Configurations
      • Additional Service Settings
        • Configuring Additional Security Agent Services
      • Privileges and Other Settings
        • Configuring Agent Privileges
        • Configuring Other Agent Settings
          • Cache Settings for Scans
            • Digital Signature Cache
            • On-demand Scan Cache
          • POP3 Mail Scan
      • Update Agents
        • Assigning Security Agents as Update Agents
    • Application Control Policy Settings
      • Application Control
        • Configuring Application Control Settings (Agent)
    • Behavior Monitoring Policy Settings
      • Behavior Monitoring
        • Behavior Monitoring Rules
        • Behavior Monitoring Exception List
          • Exception List Wildcard Support
          • Exception List Environment Variable Support
      • Configuring Behavior Monitoring Rules and Exceptions
    • Anti-malware Scans
      • General Settings
        • Guidelines for Switching Scan Methods
      • Real-time Scan
        • Configuring Real-time Scan Settings
          • Real-time Scan: Target Tab
          • Real-time Scan: Action Tab
          • Real-time Scan: Scan Exclusion Tab
      • Scheduled Scan
        • Configuring Scheduled Scan Settings
          • Scheduled Scan: Target Tab
          • Scheduled Scan: Action Tab
          • Scheduled Scan: Scan Exclusion Tab
      • Manual Scan
        • Configuring Manual Scan Settings
          • Manual Scan: Target Tab
          • Manual Scan: Action Tab
          • Manual Scan: Scan Exclusion Tab
      • Scan Now
        • Configuring Scan Now Settings
          • Scan Now: Target Tab
          • Scan Now: Action Tab
          • Scan Now: Scan Exclusion Tab
      • Scan Actions
        • ActiveAction
        • Custom Scan Actions
          • Quarantine Directory
        • Uncleanable Files
          • Files Infected with Trojans
          • Files Infected with Worms
          • Write-protected Infected Files
          • Password-protected Files
          • Backup Files
      • Scan Exclusion Support
        • Trend Micro Product Directory Exclusions
        • Wildcard Exceptions
    • Web Reputation Policy Settings
      • Web Reputation
      • Configuring a Web Reputation Policy
        • HTTPS URL Scan Support
    • Unknown Threat Protection
      • Predictive Machine Learning
        • Configuring Predictive Machine Learning Settings
      • Configuring Sample Submission Settings
      • Configuring Suspicious Connection Settings
    • Device Control Policy Settings
      • Device Control
      • Configuring Device Control Settings
        • Permissions for Devices
        • Wildcard Support for the Device Control Allowed Programs List
        • Specifying a Digital Signature Provider
    • Exceptions
      • Trusted Program List
        • Configuring the Trusted Programs List
      • Rule Exceptions
        • Configuring Rule Exceptions
      • Spyware/Grayware Approved List
        • Managing the Spyware/Grayware Approved List
    • Endpoint Sensor Policy Settings
      • Endpoint Sensor
      • Configuring Endpoint Sensor Settings
    • Vulnerability Protection Policy Settings
      • Vulnerability Protection
      • Configuring Vulnerability Protection Settings
        • Advanced Logging Policy Modes
  • Apex One Server Policies
    • Apex One Server Policy Settings
      • Global Agent Settings
        • Security Settings
        • System Settings
          • Root Certificate Locations
        • Network Settings
        • Agent Control Settings
  • Apex One Data Loss Prevention Policies
    • Apex One Data Loss Prevention Policy Settings
      • Data Loss Prevention (DLP)
      • Configuring a Data Loss Prevention Policy
        • Configuring Data Loss Prevention Rules
          • Transmission Scope and Targets for Network Channels
          • Network Channels
            • Email Clients
          • System and Application Channels
          • Device List Tool
            • Running the Device List Tool
          • Data Loss Prevention Actions
        • Data Loss Prevention Exceptions
          • Defining Non-monitored and Monitored Targets
            • Transmission Scope: All Transmissions
            • Transmission Scope: Only Transmissions Outside the Local Area Network
          • Decompression Rules
    • Apex One Data Discovery Dashboard Widgets
      • Top Sensitive File Policy Detections Widget
      • Top Endpoints with Sensitive Files Widget
      • Top Data Discovery Template Matches Widget
      • Top Sensitive Files Widget
    • Apex One Data Discovery Policy Settings
      • Creating Data Discovery Policies
  • Apex One (Mac) Widgets and Policies
    • Apex One (Mac) Dashboard Widgets
      • Key Performance Indicators Widget
        • Configuring Key Performance Indicators
        • Configuring Widget Settings
    • Apex One (Mac) Policy Settings
      • General Settings
        • Scan Methods Compared
        • Switching from Smart Scan to Conventional Scan
        • Switching from Conventional Scan to Smart Scan
      • Scan Types
        • Real-time Scan
          • Configuring Real-time Scan Settings
            • Real-time Scan: Target Tab
            • Real-time Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
        • Manual Scan
          • Configuring Manual Scan Settings
            • Manual Scan: Target Tab
            • Manual Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
        • Scheduled Scan
          • Configuring Scheduled Scan Settings
            • Scheduled Scan: Target Tab
            • Scheduled Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
      • Cache Settings for Scans
      • Scan Exclusions
        • Configuring Scan Exclusion Lists
      • Update Settings
        • Pure IPv6 Agent Limitations
        • Configuring Agent Update Settings
      • Web Reputation
        • Configuring Web Reputation Settings
        • Configuring the Approved and Blocked URL Lists
      • Device Control
        • Configuring Device Control Settings
        • Permissions for Storage Devices
      • Endpoint Sensor
        • Configuring Endpoint Sensor Settings
      • Exception Lists
        • Configuring the Trusted Program List
      • Predictive Machine Learning Settings
      • Privileges and Other Settings
        • Protected Security Agent Files
Apex Central Widgets
Related information
  • Apex Central Dashboard Widgets
Online Help Center

Support
For Home For Business


Privacy Notice
© 2025 Trend Micro Incorporated. All rights reserved.
Table of Contents
  • Preface
    • Documentation
    • Audience
    • Document Conventions
    • Terminology
  • Introduction
    • The Dashboard
      • About the Dashboard
      • Tabs and Widgets
        • Working with Tabs
        • Working with Widgets
      • Summary Tab
        • Critical Threats Widget
        • Users with Threats Widget
        • Endpoints with Threats Widget
        • Product Component Status Widget
        • Product Connection Status Widget
        • Ransomware Prevention Widget
      • Threat Investigation Tab
        • Critical Threats Widget
      • Security Posture Tab
        • Compliance Indicators
        • Critical Threats
        • Resolved Events
        • Security Posture Chart
        • Security Posture Details Pane
      • Data Loss Prevention Tab
        • DLP Incidents by Severity and Status Widget
        • DLP Incident Trends by User Widget
        • DLP Incidents by User Widget
        • DLP Incidents by Channel Widget
        • DLP Template Matches Widget
        • Top DLP Incident Sources Widget
        • DLP Violated Policy Widget
      • Compliance Tab
        • Product Application Compliance Widget
        • Product Component Status Widget
        • Product Connection Status Widget
        • Agent Connection Status Widget
      • Threat Statistics Tab
        • Apex Central Top Threats Widget
        • Apex Central Threat Statistics Widget
        • Threat Detection Results Widget
        • Policy Violation Detections Widget
        • C&C Callback Events Widget
    • Policy Management
      • Policy Management
        • Creating a New Policy
          • Filtering by Criteria
            • Assigning Endpoints to Filtered Policies
          • Specifying Policy Targets
          • Working with Parent Policy Settings
        • Copying Policy Settings
        • Inheriting Policy Settings
        • Modifying a Policy
        • Importing and Exporting Policies
        • Deleting a Policy
        • Changing the Policy Owner
        • Understanding the Policy List
        • Reordering the Policy List
      • Policy Status
    • Policy Resources
      • Application Control Criteria
        • Defining Allowed Application Criteria
        • Defining Blocked Application Criteria
        • Application Match Methods
          • Application Reputation List
          • File Paths
            • File Path Example Usage
          • Certificates
          • Hash Values
      • Data Loss Prevention
        • Data Identifier Types
          • Expressions
            • Predefined Expressions
              • Viewing Settings for Predefined Expressions
            • Customized Expressions
              • Criteria for custom expressions
              • Creating a Customized Expression
              • Importing Customized Expressions
          • File Attributes
            • Creating a File Attribute List
            • Importing a File Attribute List
          • Keywords
            • Predefined Keyword Lists
            • How keyword lists work
              • Number of keywords condition
              • Distance condition
            • Custom keyword lists
              • Custom keyword list criteria
              • Creating a Keyword List
              • Importing a Keyword List
        • Data Loss Prevention Templates
          • Predefined DLP Templates
          • Custom DLP templates
            • Condition statements and logical pperators
            • Creating a Template
            • Importing Templates
      • Intrusion Prevention Rules
        • Intrusion Prevention Rule Properties
      • Device Control Allowed Devices
  • Apex Central Widgets
    • Apex Central Dashboard Widgets
      • Apex Central Top File-based Threats Widgets
      • Endpoint Protection Verification Widget
      • Hosts with C&C Callback Attempts Widget
      • Policy Status
      • Quick Launch
      • Unique Compromised Hosts Over Time Widget
  • Apex One Widgets
    • Apex One Dashboard Widgets
      • Top Blocked Applications
      • Top Endpoints Affected by IPS Events Widget
      • Top IPS Attack Sources
      • Top IPS Events
      • Top Violated Application Control Criteria
  • Apex One Security Agent Policies
    • Agent Configurations
      • Additional Service Settings
        • Configuring Additional Security Agent Services
      • Privileges and Other Settings
        • Configuring Agent Privileges
        • Configuring Other Agent Settings
          • Cache Settings for Scans
            • Digital Signature Cache
            • On-demand Scan Cache
          • POP3 Mail Scan
      • Update Agents
        • Assigning Security Agents as Update Agents
    • Application Control Policy Settings
      • Application Control
        • Configuring Application Control Settings (Agent)
    • Behavior Monitoring Policy Settings
      • Behavior Monitoring
        • Behavior Monitoring Rules
        • Behavior Monitoring Exception List
          • Exception List Wildcard Support
          • Exception List Environment Variable Support
      • Configuring Behavior Monitoring Rules and Exceptions
    • Anti-malware Scans
      • General Settings
        • Guidelines for Switching Scan Methods
      • Real-time Scan
        • Configuring Real-time Scan Settings
          • Real-time Scan: Target Tab
          • Real-time Scan: Action Tab
          • Real-time Scan: Scan Exclusion Tab
      • Scheduled Scan
        • Configuring Scheduled Scan Settings
          • Scheduled Scan: Target Tab
          • Scheduled Scan: Action Tab
          • Scheduled Scan: Scan Exclusion Tab
      • Manual Scan
        • Configuring Manual Scan Settings
          • Manual Scan: Target Tab
          • Manual Scan: Action Tab
          • Manual Scan: Scan Exclusion Tab
      • Scan Now
        • Configuring Scan Now Settings
          • Scan Now: Target Tab
          • Scan Now: Action Tab
          • Scan Now: Scan Exclusion Tab
      • Scan Actions
        • ActiveAction
        • Custom Scan Actions
          • Quarantine Directory
        • Uncleanable Files
          • Files Infected with Trojans
          • Files Infected with Worms
          • Write-protected Infected Files
          • Password-protected Files
          • Backup Files
      • Scan Exclusion Support
        • Trend Micro Product Directory Exclusions
        • Wildcard Exceptions
    • Web Reputation Policy Settings
      • Web Reputation
      • Configuring a Web Reputation Policy
        • HTTPS URL Scan Support
    • Unknown Threat Protection
      • Predictive Machine Learning
        • Configuring Predictive Machine Learning Settings
      • Configuring Sample Submission Settings
      • Configuring Suspicious Connection Settings
    • Device Control Policy Settings
      • Device Control
      • Configuring Device Control Settings
        • Permissions for Devices
        • Wildcard Support for the Device Control Allowed Programs List
        • Specifying a Digital Signature Provider
    • Exceptions
      • Trusted Program List
        • Configuring the Trusted Programs List
      • Rule Exceptions
        • Configuring Rule Exceptions
      • Spyware/Grayware Approved List
        • Managing the Spyware/Grayware Approved List
    • Endpoint Sensor Policy Settings
      • Endpoint Sensor
      • Configuring Endpoint Sensor Settings
    • Vulnerability Protection Policy Settings
      • Vulnerability Protection
      • Configuring Vulnerability Protection Settings
        • Advanced Logging Policy Modes
  • Apex One Server Policies
    • Apex One Server Policy Settings
      • Global Agent Settings
        • Security Settings
        • System Settings
          • Root Certificate Locations
        • Network Settings
        • Agent Control Settings
  • Apex One Data Loss Prevention Policies
    • Apex One Data Loss Prevention Policy Settings
      • Data Loss Prevention (DLP)
      • Configuring a Data Loss Prevention Policy
        • Configuring Data Loss Prevention Rules
          • Transmission Scope and Targets for Network Channels
          • Network Channels
            • Email Clients
          • System and Application Channels
          • Device List Tool
            • Running the Device List Tool
          • Data Loss Prevention Actions
        • Data Loss Prevention Exceptions
          • Defining Non-monitored and Monitored Targets
            • Transmission Scope: All Transmissions
            • Transmission Scope: Only Transmissions Outside the Local Area Network
          • Decompression Rules
    • Apex One Data Discovery Dashboard Widgets
      • Top Sensitive File Policy Detections Widget
      • Top Endpoints with Sensitive Files Widget
      • Top Data Discovery Template Matches Widget
      • Top Sensitive Files Widget
    • Apex One Data Discovery Policy Settings
      • Creating Data Discovery Policies
  • Apex One (Mac) Widgets and Policies
    • Apex One (Mac) Dashboard Widgets
      • Key Performance Indicators Widget
        • Configuring Key Performance Indicators
        • Configuring Widget Settings
    • Apex One (Mac) Policy Settings
      • General Settings
        • Scan Methods Compared
        • Switching from Smart Scan to Conventional Scan
        • Switching from Conventional Scan to Smart Scan
      • Scan Types
        • Real-time Scan
          • Configuring Real-time Scan Settings
            • Real-time Scan: Target Tab
            • Real-time Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
        • Manual Scan
          • Configuring Manual Scan Settings
            • Manual Scan: Target Tab
            • Manual Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
        • Scheduled Scan
          • Configuring Scheduled Scan Settings
            • Scheduled Scan: Target Tab
            • Scheduled Scan: Action Tab
            • Supported Compressed File Types
            • Scan Actions
      • Cache Settings for Scans
      • Scan Exclusions
        • Configuring Scan Exclusion Lists
      • Update Settings
        • Pure IPv6 Agent Limitations
        • Configuring Agent Update Settings
      • Web Reputation
        • Configuring Web Reputation Settings
        • Configuring the Approved and Blocked URL Lists
      • Device Control
        • Configuring Device Control Settings
        • Permissions for Storage Devices
      • Endpoint Sensor
        • Configuring Endpoint Sensor Settings
      • Exception Lists
        • Configuring the Trusted Program List
      • Predictive Machine Learning Settings
      • Privileges and Other Settings
        • Protected Security Agent Files
Close