Suspicious objects are digital artifacts resulting from an analysis completed by
Trend Micro Deep Discovery products or other sources. Apex One can synchronize suspicious objects and retrieve actions against these
objects from a Control Manager 7.0 (or later) or the Apex Central 2019 (or later)
on-premises
server (that is connected to Deep Discovery).
After subscribing to Control Manager or Apex Central, select the types of
suspicious objects to monitor C&C callbacks or possible targeted attacks identified
by agents
on the network. Suspicious objects include:
-
Suspicious URL List
-
Suspicious IP List
-
Suspicious File List
-
Suspicious Domain List
 |
NoteIf Apex One is
subscribed to Deep Discovery Analyzer, only the suspicious URL list is available.
After you
unsubscribe Apex One from Deep
Discovery Analyzer, it is not possible to re-subscribe. Apex One must subscribe to Apex Central
with a connected to Deep Discovery to synchronize suspicious objects.
For more information about how Apex Central manages suspicious objects, see the
Apex Central Administrator's Guide.
|