Provides specific information about endpoints with spyware/grayware detections, such as the managed product that detected the spyware/grayware, the type of scan that detected the spyware/grayware, and the file path on the endpoint to the detected spyware/grayware
Data |
Description |
---|---|
Received |
The date and time Apex Central received the data from the managed product |
Generated |
The date and time the managed product generated the data |
Product Entity/Endpoint |
Depending on the related source:
|
Product/Endpoint IP |
Depending on the related source:
|
Product |
The name of the managed product or service Example: Apex One, ScanMail for Microsoft Exchange |
Managing Server Entity |
The display name of the managed product server in Apex Central to which the endpoint reports |
Spyware/Grayware |
The name of the security threat |
Endpoint |
The IP address or name of the endpoint that the threat accessed |
Source Host |
The IP address or name of the endpoint from which the security threat originated |
User |
The logged on user name at the time of the event |
Scan Type |
The type of scan that reported the event (for example, Real-time Scan, Scheduled Scan, Manual Scan) |
Resource |
The specific resource affected by the security threat Example: application.exe, H Key Local Machine\SOFTWARE\ACME |
Resource Type |
The type of resource affected by the security threat Example: registry, memory resource |
Security Threat Type |
The type of security threat Example: adware, COOKIE, peer-to-peer application |
Risk Level |
The risk level of the security threat Example: High security, Medium security, Low security |
Result |
The result of the action taken by the managed product Example: successful, further action required |
Action |
The action taken by the managed product Example: File cleaned, File quarantined, File deleted |
Detections |
The total number of detections |
Cloud Service Vendor |
The name of the cloud service vendor |