In This Section: |
Threat Emulation detects zero-day and unknown attacks. Files on the endpoint computer are sent to a sandbox for emulation to detect evasive zero-day attacks.
Threat Extraction proactively protects users from malicious content. It quickly delivers safe files while the original files are inspected for potential threats.
As part of the Threat Extraction and Threat Emulation solution, when the SandBlast Agent client is installed on a client computer, the SandBlast Agent Browser Extension is also installed on the Google Chrome browser. The SandBlast Agent Browser Extension protects against malicious files that come from internet sources.
See all Threat Extraction and Threat Emulation logs in SmartLog under Threat Emulation.
Configure the settings in the SandBlast Agent Threat Extraction and Threat Emulation rule of in the SmartEndpoint Policy tab.
For each Action in a rule, select an option, which defines the Action behavior. You can select a predefined Action option or select New to define a custom Action option.
Right-click an Action and select Edit or Edit Shared Action to change the Action behavior.
Changes to policy rules are enforced only after you install the policy.