Provides specific information about email messages with advanced threats, such as anomalous behavior, false or misleading data, suspicious and malicious behavior patterns, and strings that indicate system compromise but require further investigation to confirm
|
Data |
Description |
|---|---|
|
Received |
The date and time Apex Central received the data from the managed product |
|
Product Entity |
The display name of the managed product server in Apex Central |
|
Product |
The name of the managed product or service Example: Apex One, ScanMail for Microsoft Exchange |
|
Recipients |
The recipient(s) of the email message that triggered the detection |
|
Sender |
The sender of the email message that triggered the detection |
|
Subject |
The subject of the email message that triggered the detection |
|
Attachment Count |
The number of email attachments |
|
Attachment |
The name of the email attachment |
|
Attachment Type |
The type of email attachment |
|
Action |
The action taken by the managed product Example: deliver, strip, quarantine |
|
Threat Type |
The type of security threat |
|
Threat Name |
The name of the security threat |
|
Risk Level |
The email message risk level after investigation |
|
Source IP |
The message transfer agent (MTA) IP address nearest to the email sender |
|
Message ID |
The administrator-configured unique message ID |
|
Link Count |
The number of links in the email message |
|
Links |
The list of links in the email message |