Components to Update Parent topic

To help protect your network, Deep Discovery Inspector uses the components listed in the following table.

Deep Discovery Inspector Components

Component
Description
Advanced Persistent Threat Information Pattern
Advanced Persistent Threat Information Pattern provides details about advanced persistent threats.
Advanced Threat Correlation Pattern
​The Advanced Threat Correlation Pattern contains a list of file features that are not relevant to any known threats.
Advanced Threat Scan Engine for Deep Discovery (Linux, 64-bit)
The Advanced Threat Scan Engine protects against viruses, malware, and exploits to vulnerabilities in software such as Java and Flash. Integrated with the Trend Micro Virus Scan Engine, the Advanced Threat Scan Engine employs signature-based, behavior-based, and aggressive heuristic detection.
C&C Identification Pattern
C&C Identification Pattern contains a list of known C&C servers and callback addresses.
Common Threat Family Information Pattern
Common Threat Family Information Pattern provides the common threat family name for detections.
Common Vulnerabilities and Exposures Information Pattern
Common Vulnerability and Exposure Information Pattern provides CVE reference information for detections.
Contextual Intelligence Query Handler
​The Contextual Intelligence Query Handler processes the behaviors identified by the Contextual Intelligence Engine and sends the report to the Predictive Machine Learning engine.
Deep Discovery Malware Pattern
The Trend Micro Virus Scan Engine protects against viruses and malware in files through heuristic, signature-based, and behavior-based detection. Trend Micro updates the virus pattern files as soon as detection routines for new threats are available.
IntelliTrap Exception Pattern
The IntelliTrap Exception Pattern contains detection routines for safe compressed executable (packed) files to reduce the amount of false positives during IntelliTrap scanning.
IntelliTrap Pattern
The IntelliTrap Pattern contains the detection routines for compressed executable (packed) file types that are known to commonly obfuscate malware and other potential threats.
Network Content Correlation Pattern
The Network Content Correlation Pattern implements detection rules defined by Trend Micro.
Network Content Inspection Engine (5.14, Kernel mode, 64-bit, Conf: 6500)
The Network Content Inspection Engine is used to perform network scanning.
Network Content Inspection Engine (Linux, User mode, 64-bit)
The Network Content Inspection Engine is used to perform network scanning.
Network Content Inspection Pattern
The Network Content Inspection Pattern is used by the Network Content Inspection Engine to perform network scanning.
Script Analyzer Unified Pattern
The Script Analyzer Pattern is used during analysis of web page scripts to identify malicious code.
Spyware/Grayware Pattern
The Spyware/Grayware Pattern identifies unique patterns of bits and bytes that signal the presence of certain types of potentially undesirable files and programs, such as adware and spyware, or other grayware.
Threat Correlation Pattern
The Threat Correlation Pattern is used by Deep Discovery Inspector during threat correlation.
Threat Knowledgebase (EN)
The Threat Knowledge Base provides information for threat correlation.
Trend Micro Intelligence Agent v.2 (Deep Discovery Inspector, Linux, 64-bit)
Trend Micro Intelligence Agent v.2 retrieves additional information about detections.
Trusted Certificate Authorities Pattern
Trusted Certificate Authorities Pattern provides the trusted certificate authorities to verify PE signatures.
Virtual Analyzer Configuration Pattern
The Virtual Analyzer Configuration Pattern contains configuration information for Virtual Analyzer, such as supported threat types and supported file types.
Virtual Analyzer Sensors
The Virtual Analyzer Sensors are a collection of utilities used to execute and detect malware and to record behavior in Virtual Analyzer.