Checking the details about a detected threat

You can understand more about detected threats by checking the backup archive, the infected email, or the Alerts tab in the Cyber Protect console.

To check the details for a detected threat

In the backup archive

  1. In the Cyber Protect console, go to Backup storage > Backups, and then select Cloud application storage.
  2. Select the backup archive that you want to check, and then click Show backups.
  3. Select a backup that is marked with a red icon for an infected file or malicious URL.
  4. For more information about the threat, click the Infected files or Malicious URLs link.

In a backed-up email

  1. In the Cyber Protect console, go to Backup storage > Backups, and then select Cloud application storage.
  2. Select the backup archive that you want to check, and then click Show backups.
  3. Select a backup that is marked with a red icon for an infected file or malicious URL.
  4. Click Recover > Email messages.
  5. [If a privacy warning is shown] In the Privacy warning dialog, click Proceed.
  6. Select an email message that is marked with a red icon for an infected file or malicious URL, and then click Show content.
  7. Under Malicious threats have been detected in this email, click Details.

In Monitoring > Alerts

  1. In the Cyber Protect console, go to Monitoring > Alerts, and then select Cloud application storage.
  2. Sort the alerts by severity.
  3. Under Warning, check for Malicious URL is detected or Malware is detected.
  4. [If a malicious URL is detected] Check the URL line at the bottom of the alert.
  5. [If malware is detected] Check the Threat name line at the bottom of the alert.