Views:
The Advanced Threat Indicators widget displays the total advanced detections for each threat indicator type per selected time period and the change between the number of detections from the last period for each indicator.
  • Click a number under the Total column to learn more about the detections for that indicator. Clicking a number opens the All Detections screen with the appropriate threat indicator filter set to see detections only for that indicator type.
  • Threat indicators include:
    • Ransomware Detections
      All ransomware detections found by URL category or Scan Engine.
    • C&C Callbacks
      Detections found for C&C Callbacks by URL category or Scan Engine
    • Suspicious URLs
      Detections that are part of the Suspicious Object blocked list detections, or the 0-day phishing threat detected by Dynamic URL Scanning.
    • Suspicious Documents
      High risk detections for Office and PDF documents.
    • Suspicious Scripts
      High risk detections for certain scripts including html/html application, javascript, java jar/class, vb, windows shell or script, .bat, or .svg files.
    • Suspicious Malware
      High risk file detections that do not fall into the SO suspicious document or suspicious script indicators
    • Coin Miners
      All coin miner detections found by URL category or Scan Engine.
Keywords: widget,Threat Monitoring tab, Advanced Threat Indicators widget,Advanced Threat Indicators widget