Viewing Synchronized Suspicious Objects

Deep Discovery Email Inspector can synchronize suspicious objects with an external source (for example, Apex Central, Deep Discovery Director, or Deep Discovery Analyzer). View synchronized suspicious objects to understand your risk, find related messages, and assess the relative prevalence of the suspicious object.


If Deep Discovery Email Inspector is registered to both Apex Central and Deep Discovery Director 3.0 (or later), Deep Discovery Email Inspector synchronizes suspicious objects from Deep Discovery Director and overwrites existing suspicious objects from Apex Central.

  1. Go to Detections > Suspicious Objects > Synchronized Suspicious Objects.
  2. Specify the search criteria.
    • Suspicious Object (IP address, host name, URL, file SHA-1, or file SHA-256)
    • Period (time range to filter based on the last synchronized time)
  3. Press ENTER.

    All suspicious objects matching the search criteria appear.

  4. View the results.



    Suspicious Object

    View the IP address, host name, URL, file SHA-1, or file SHA-256 associated with the synchronized suspicious object.


    View the suspicious object type (Domain, File, IP, or URL).

    Risk Level

    View the level of potential danger in a sample after Virtual Analyzer executes the file or opens the URL.


    View the source of the synchronized suspicious object.

    The source can be one of the following:

    • Apex Central

    • Deep Discovery Analyzer

    • Deep Discovery Director


    View whether the synchronized suspicious object is user-defined or not.


    View the date and time the object is not considered suspicious.

    Last Synchronized

    View the date and time the entry was last synchronized with the source.