Provides specific information about advanced unknown threats detected by Predictive Machine Learning

Table 1. Detailed Predictive Machine Learning Information

| Data | Description |
| --- | --- |
| Detection Time | The date and time the managed product server or the Security Agent detected the threat |
| Received | The date and time Apex Central received the data from the managed product |
| Product Entity/Endpoint | Depending on the related source: the display name of the managed product server in Apex Central; the name or IP address of the endpoint |
| Product/Endpoint IP | Depending on the related source: the IP address of the managed product server; the IP address of the endpoint |
| Product | The name of the managed product or service |
| Server | The display name of the managed product server in Apex Central |
| Probable Threat Type | The most likely type of threat contained in the file after Predictive Machine Learning compared the analysis to other known threats |
| Security Threat | The name of the security threat |
| Logon User | The logged on user name at the time of the event |
| Type | The type of object that triggered the detection ("File" or "Process") |
| File Path | The path of the file object or the path of the program that executed the process |
| File Creation Time | The date and time the file object was created |
| Parent Process | The process that triggered the detected process |
| Process Command | The command that executed the detected process |
| Process Owner | The user name that triggered the detected process |
| Endpoint Infection Channel | The channel that the threat originated from |
| Infection Source | The origin of the threat |
| Threat Probability | How closely the file/process matched the malware model |
| Action Result | The result of the action taken by the managed product |
| Subject | The subject of the email message that triggered the detection |
| Delivery Time | The date and time the email message was delivered to the mail server |
| Sender | The sender of the email message that triggered the detection |
| Recipients | The recipient(s) of the email message that triggered the detection |
| Cloud Service Vendor | The name of the cloud service vendor |