Suspicious Object Lists

Virtual Analyzer Suspicious Objects

Trend Micro Apex Central synchronizes Suspicious Object lists from Apex One Sandbox as a Service. If Apex One Sandbox as a Service determines that an object is a possible threat, Apex One Sandbox as a Service adds the object to the Virtual Analyzer Suspicious Object list. Apex One Sandbox as a Service then sends the list to its registered Trend Micro Apex Central server for consolidation and synchronization purposes.

On the Trend Micro Apex Central console, go to the Threat Intel → Virtual Analyzer Suspicious Objects → Objects tab to view the Virtual Analyzer Suspicious Objects list.

For more information, see Suspicious Object Detection.

Exceptions to Virtual Analyzer Suspicious Objects

From the list of Virtual Analyzer suspicious objects, Trend Micro Apex Central administrators can select objects that are considered safe and then add them to an exception list.

On the Trend Micro Apex Central console, go to the Threat Intel → Virtual Analyzer Suspicious Objects → Exceptions tab to view the Virtual Analyzer Suspicious Object Exceptions list.

For more information, see Adding Exceptions to the Virtual Analyzer Suspicious Object List.

User-Defined Suspicious Objects

Trend Micro Apex Central administrators can add objects they consider suspicious but are not currently in the list of Virtual Analyzer suspicious objects by going to the Threat Intel → Custom Intelligence → User-Defined Suspicious Objects.

For more information, see Preemptive Protection Against Suspicious Objects.