You can configure Security Agents to submit file objects that may contain previously unidentified threats to a Virtual Analyzer for further analysis. After assessing the objects, Virtual Analyzer adds any objects found to contain unknown threats to the Virtual Analyzer Suspicious Objects lists and distributes the lists to other Security Agents throughout the network.
For more information, see Suspicious Object List Settings.
Sample Submission requires the following:
You must register the Apex One server with a Control Manager server (7.0 or later) or the Trend Micro Apex Central server (2019 or later)
The Control Manager or Trend Micro Apex Central server must have an active connection to a Trend Micro Deep Discovery Analyzer server (5.1 or later)
Suspicious files include any of the following:
Programs not known to Trend Micro (downloaded through supported web browsers or email channels)
Heuristic detections of processes (downloaded through supported web browsers or email channels)
Low prevalence autorun programs on removable storage
The size of the sample files that the Security Agents can submit changes based on the type of Virtual Analyzer you use. For the Deep Discovery Analyzer server, sample files can be up to 50 MB in size. For Deep Discovery Analyzer as a Service Add-on, sample files can be up to 60 MB in size.