Viewing Synchronized Suspicious Objects

Procedure

1. Go to Detections → Suspicious Objects → Synchronized Suspicious Objects.
2. Filter the suspicious object results.
   1. Specify the search criteria by suspicious object type or time period.
      • Type (All, File, IP Address, URLs, or Domains)
      • Period (Last 4 hours, Last 24 hours, Last 7 days, Last 30 days, Last 90 days, Custom range)
        The chosen period represents the last synchronization time.

      When specifying a type or period, Deep Discovery Web Inspector dynamically filters the results.
   2. Filter the results by entering the search criteria in the search box (IP address, domain, URL, or file SHA-1) and then press ENTER.
   All detections matching the search criteria appear.
3. View the results.

   Header	Description
   Suspicious Object	View the IP address, domain, URL, or file SHA-1 associated with the synchronized suspicious object.
   Type	View the suspicious object type (File, IP address, URL, or Domain).
   Risk Level	View the level of potential danger in an suspicious object.
   Source	View the source of the synchronized suspicious object. The source can be one of the following: Trend Micro Apex Central Deep Discovery Director
   User Defined	View whether the synchronized suspicious object is user-defined or not.
   Expiration	View the date and time the object is not considered suspicious.
   Last Synchronized	View the date and time the entry was last synchronized with the source.