cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
TimLin
Level 9
Report Inappropriate Content
Message 1 of 3
‎10-15-2019 08:16 PM

Analyzer Detection Method type

Hello,

What is mean the Analyzer Detection Method display OutlookOA?

Thank you.

mcafee.png

0 Kudos
Reply
2 Replies
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 3
‎10-16-2019 06:22 AM

Re: Analyzer Detection Method type

Hello,

It is the way by which  Malicious file was detected , either from OAS, ODS or through email scanner.

If you scroll down you in the image which you have provided you will be able to see the OAS, ODS or EmailScanner.

Mostly this was captured by email scanner.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

0 Kudos
Reply
AdithyanT
Employee
Employee
Report Inappropriate Content
Message 3 of 3
‎10-17-2019 12:00 AM

Re: Analyzer Detection Method type

Hi @TimLin 

Thank you for your post! Just adding my 2p to above.

OutlookOA - Outlook On-Access. This detection is made by Endpoint Security when the following option is enabled by policy under Endpoint Security Threat Prevention --> On-Access Scan.

I have the following excerpt from product documentation below for your kind reference:

Detect suspicious email attachments Scans and detects suspicious files saved to disk by email client applications, such as Outlook or Windows Mail. This option enables aggressive email-attachment detection using heuristic signatures, which detect most executables, scripts, and .jar files by policy, rather than looking for malware.

Select this option to scan all downloads, including archives and their contents, and MIME-encoded files. Archives are scanned 2 levels deep.

NOTE: This option also prevents executables and scripts downloaded by email clients from running. If an email client update downloads an executable, the update might not work.

Although this option doesn't affect attachments downloaded from browser-based email, on-access scan examines those downloads.

Disabling this option doesn't prevent the on-access scanner from scanning email attachments — it just disables the additional heuristic signatures.

(Disabled by default)

 

I sincerely hope this information helps!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC