Trend Vision One consolidates suspicious object information from different sources.
A suspicious object is a known malicious or potentially malicious domain, file SHA-1,
file
SHA-256, IP address, sender address, or URL.
You can add suspicious objects to the list manually or though extraction from third-party
intelligence. In addition, Sandbox Analysis adds suspicious objects to the list after
determining
possible threats for consolidation and synchronization. Sandbox Analysis then assigns
risk level
based on analysis results.
![]() |
Note
|
The following table outlines the actions available on the Suspicious Object
List tab.
Action
|
Description
|
||
Filter suspicious object data
|
Use the search field or the following drop-down lists to search specific object data:
|
||
Add or import suspicious objects
|
Click Add to open the Add
Suspicious Object screen.
For more information, see Adding or importing suspicious
objects.
|
||
View or edit suspicious object details
|
Click any object name to open the Suspicious Object Details
panel.
|
||
Manage suspicious objects
|
Manage one or more suspicious objects. Options include:
|
||
Configure default settings
|
Click
![]()
|
||
Export object data
|
Click
![]() |
||
Refresh object data
|
Click
![]() |