SandBlast Agent Forensics Analysis Report

The SandBlast Agent Forensics Analysis Report provides full information on attacks and suspicious behavior with an easy interface. The report includes:

• Entry Point - How did the suspicious file enter your system?
• Business Impact - Which files were affected and what was done to them?
• Remediation - Which files were treated and what is their status?
• Suspicious Activity - What unusual behavior occurred that is a result of the attack?
• Incident Details - A complete visual picture of the paths of the attack in your system.

Use the Forensics Analysis Report to prevent future attacks and to make sure that all affected files and processes work correctly.

Opening Forensics Analysis Reports

The Forensics Analysis Report opens in your internet browser.

To open a Forensics Analysis Report for an incident:

• SmartLog - From the Log Details of a Forensics, Threat Emulation, or Anti-Bot log, under Forensics, click Report.
• SmartEvent - From the Summary of a Forensics, Threat Emulation, or Anti-Bot log, under Actions, click Open Forensics Report.
• Endpoint Security Client GUI- From the Client Overview, open the Forensics blade and click the Incident ID in the incident table.