Collecting Malware Info
When running, the Agent collects information about executable files on the endpoint, including but not limited to their source, file have, and signatures. The information collected may be provided to a vendor or third party for analysis.The information collected is not provided for any purpose other than malicious code detection and analysis.
- Detection results are provided in real time.
- Results may differ from similar solutions. User/ Administrator is responsible for actions taken in response to the results.
- Go to Policy in the top panel.
- Go to Policy > Node Policy > Agent Action in the left Policy panel.
- Find and click Collect Malware Information in the Agent Action window.
- Enter in CWP message, Conditions, based off of your network requirements.
Under Consent Agreement section:
- Select I Agree from the drop down to consent to sharing endpoint data for threat analysis.
Under Collection Exceptions section:
- List directories to exempt from data collection. Commonly exempted sections include antivirus quarantine folders, or other directories where known malicious files may be stored.
- Click Update.
To Apply this Agent Action to a Node Policy:
- Go to Node Policy in the left Policy panel.
- Click the [Desired Node Policy] in Node Policy window.
- Find Agent Action. Click Assign.
- Find Collect Malware Information in the Available section. Select and drag it into the Selected section.
- Click Add.
- Click Update.