The
Advanced Threat Indicators
widget displays the total advanced detections for each threat indicator type per selected
time
period and the change between the number of detections from the last period for each
indicator.
-
Click a number under the Total column to learn more about the
detections for that indicator. Clicking a number opens the All
Detections screen with the appropriate threat indicator filter set to see
detections only for that indicator type.
-
Threat indicators include:
-
Ransomware Detections
All ransomware detections found by URL category or Scan Engine.
-
C&C Callbacks
Detections found for C&C Callbacks by URL category or Scan
Engine
-
Suspicious URLs
Detections that are part of the Suspicious Object blocked list URLs
detections.
-
Suspicious Documents
High risk detections for Office and PDF documents.
-
Suspicious Scripts
High risk detections for certain scripts including html/html application,
javascript, java jar/class, vb, windows shell or script, .bat, or .svg files.
-
Suspicious Malware
High risk file detections that do not fall into the SO suspicious
document or suspicious script indicators
-
Coin Miners
All coin miner detections found by URL category or Scan Engine.