Malicious Communication Detection
Table 1. Malicious Communication Detection List Parameters
Parameter | Description |
---|---|
Resource Address | The IP address of the host. If there is no external IP, the internal IP or cloud resource ID is displayed. |
Threat Type | The type of threat detected. |
Risk Level | The risk level of the current event, classified as: High, Medium, or Low. |
Process ID | The PID of the process involved in the threat communication. |
Process Path | The path of the process involved in the threat communication. |
Communication Target Address | The destination IP address of the threat communication. |
Handling Advice | Provides suggested solutions for the risk. |
Discovery Time | The first time the security risk was discovered. |
Update Time | The last time the security risk was discovered. |
Handling Status | The handling status of the event, including “Not Handled” and “Ignored.” Once a risk has been handled, its entry is deleted at the next detection. |
Malicious Communication Details
Displays the description of the malicious communication and advice on how to handle it.