Provides specific information about advanced unknown threats detected by Predictive Machine Learning
Data |
Description |
---|---|
Detection Time |
The date and time the managed product server or the Security Agent detected the threat |
Received |
The date and time Apex Central received the data from the managed product |
Product Entity/Endpoint |
Depending on the related source:
|
Product/Endpoint IP |
Depending on the related source:
|
Product |
The name of the managed product or service |
Server |
The display name of the managed product server in Apex Central |
Probable Threat Type |
The most likely type of threat contained in the file after Predictive Machine Learning compared the analysis to other known threats |
Security Threat |
The name of the security threat |
Logon User |
The logged on user name at the time of the event |
Type |
The type of object that triggered the detection ("File" or "Process") |
File Path |
The path of the file object or the path of the program that executed the process |
File Creation Time |
The date and time the file object was created |
Parent Process |
The process that triggered the detected process |
Process Command |
The command that executed the detected process |
Process Owner |
The user name that triggered the detected process |
Endpoint Infection Channel |
The channel that the threat originated from |
Infection Source |
The origin of the threat |
Threat Probability |
How closely the file/process matched the malware model |
Action Result |
The result of the action taken by the managed product |
Subject |
The subject of the email message that triggered the detection |
Delivery Time |
The date and time the email message was delivered to the mail server |
Sender |
The sender of the email message that triggered the detection |
Recipients |
The recipient(s) of the email message that triggered the detection |
Cloud Service Vendor |
The name of the cloud service vendor |