Configuring Suspicious Object Settings

Trend Micro Apex Central consolidates and synchronizes the Virtual Analyzer and user-defined suspicious object lists with Trend Micro Email Security. Enable this feature to implement the lists during scanning.

Before you begin configuring this feature, make sure that:

  • You have installed Apex Central, and your Apex Central has a serving Deep Discovery product, which can be a Deep Discovery Inspector, Deep Discovery Email Inspector, or Deep Discovery Analyzer.

  • Your Trend Micro Email Security has been registered to a required Trend Micro Apex Central.

  • You have enabled Web Reputation settings in the spam policy you want to apply the suspicious URL list to.

  1. Go to Administration > Service Integration.
  2. Click Apex Central.
  3. Select the Enable check box to enable this feature.
  4. Under Security Level for Files, specify the security level for files to determine whether to take actions on the files:
    • High: Applies actions on files that exhibit any suspicious behavior.

    • Medium: Applies actions on files that have moderate to high probability of being malicious.

    • Low: Applies actions on files have high probability of being malicious.

    Suspicious URLs are detected during Web Reputation scanning. Therefore, when you configure Web Reputation settings in your spam policy, specify the security level to determine whether to take actions on the URLs.


    Trend Micro Email Security classifies all files and URLs in the user-defined suspicious object lists as the "High" risk.

  5. Check additional information about suspicious object list synchronization from the Apex Central.
  6. Click Save.