How to submit Skyhigh Web Gateway virus and antimalware samples for analysis
Last Modified: 5/26/2023
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to submit Skyhigh Web Gateway virus and antimalware samples for analysis
Technical Articles ID:
KB62662
Last Modified: 5/26/2023 EnvironmentSkyhigh Web Gateway (SWG)
Summary
To better support you as a SWG customer, Skyhigh Security has improved the processing of your virus and antimalware submissions. Obtaining a sample To accurately diagnose a suspected false detection, you must collect samples from within your environment. Use the instructions in the Submitting the sample Use the SWG virus detection block page to determine where to submit the sample:
IMPORTANT: For all submission processes, you must send the sample as a compressed and encrypted .zip file, using the word infected (lowercase, without quotes) as the encryption password.
Gateway Anti-Malware (GAM) Submit the sample in a Service Request: After you've collected and encrypted the sample using the NOTE: Make sure that you select Product as the source of your problem, and select Web Gateway in the Product field. (Don't select Malware as the source of your problem.) Along with the sample, provide the following:
AV
To submit suspected false-positive detections for analysis, perform the Avira Use the Avira submission website. After you submit a sample to Avira, you'll receive an automated notification email to confirm the submission status and associated Avira tracking number. You'll receive a final notification with the resolution within two days. NOTES:
Related InformationAlternative sample collection steps:
To contact Technical Support, go to the Create a Service Request page and log on to the ServicePortal.
AttachmentPrevious Document ID (Secured)
3049
|
|