You can configure Security Agents to submit file objects that may contain previously unidentified threats to a Virtual Analyzer for further analysis. After assessing the objects, Virtual Analyzer adds any objects found to contain unknown threats to the Virtual Analyzer Suspicious Objects lists and distributes the lists to other Security Agents throughout the network.
Suspicious files include any of the following:
-
Programs not known to Trend Micro (downloaded through supported web browsers or email channels)
-
Heuristic detections of processes (downloaded through supported web browsers or email channels)
-
Low prevalence autorun programs on removable storage
The size of the sample files that the Security Agents can submit changes based on the type of Virtual Analyzer you use. For the Deep Discovery Analyzer server, sample files can be up to 50 MB in size. For Deep Discovery Analyzer as a Service Add-on, sample files can be up to 60 MB in size.