Viewing the Handling Process

The Handling Process screen provides an overview of the lifecycle of a suspicious object in your environment and the current effect of the suspicious object on your users or endpoints.

Important:

Viewing the handling process requires additional licensing. Ensure that you have a valid license for Apex One Sandbox as a Service or contact your service provider for the Activation Code.

  1. Go to Threat Intel > Virtual Analyzer Suspicious Objects.
  2. Click the View link in the Handling Process column of the table for a specific suspicious object.

    The Handling Process screen appears.

  3. Click any of the following tabs to view more information about the suspicious object.

    • Analysis: Displays the Virtual Analyzer analysis of the submitted object.

      Virtual Analyzer determines the risk level of suspicious objects based on their potential to expose systems to danger or loss. Supported objects include files (SHA-1 hash values), IP addresses, domains, and URLs.

    • Distribution: Displays all products that synchronized the Suspicious Object list and the last synchronization time.

      Apex Central consolidates Virtual Analyzer and user-defined suspicious object lists (excluding exceptions) and synchronizes the lists with integrated managed products.

    • Impact Analysis & Mitigation: Displays all endpoints and users affected by the suspicious object.

        • For File detections, the Latest Action Result column displays the last action result reported from managed products.

        • For all other detection types, the Latest Action Result column displays "N/A".

      Click the Root Cause Analysis link to further investigate how the object affected the user or endpoint.