Suspicious Objects List Settings

Suspicious objects are digital artifacts resulting from an analysis completed by Trend Micro Deep Discovery products or other sources. OfficeScan can synchronize suspicious objects and retrieve actions against these objects from a Control Manager server (that is connected to Deep Discovery) or Deep Discovery Analyzer (for OfficeScan version 10.6).

After subscribing to Control Manager, enable the types of suspicious objects to monitor C&C callbacks or possible targeted attacks identified by agents on the network. The lists available include:

  • Suspicious URL List

  • Suspicious IP List

  • Suspicious File List

Note:

If OfficeScan is subscribed to Deep Discovery Analyzer, only the suspicious URL list is available. After you unsubscribe OfficeScan from Deep Discovery Analyzer, it is not possible to re-subscribe. OfficeScan must subscribe to Control Manager that is connected to Deep Discovery to synchronize suspicious objects.

For more information about how Control Manager manages suspicious objects, see the Connected Threat Defense Primer.