To view all threats detected for a computer or group, click on the “Endpoint Protection” tab, and select “Threats”.
On this screen, you will find a listing of the threats detected for the computer/group selected. You can select which computer/group is displayed by clicking on the “Change” button at the top of the screen.
This screen has the following columns:
· State – the state of the threat, which can be one of the following:
o Not Resolved States:
§ Error – there was an error fixing the threat
§ Detected – so far no action has been taken to fix the threat
o Resolved States:
§ Suspended – the endpoint protection software was able to disable the threat, but its constituent files may still be in place or locked
§ Quarantined – the threat was successfully moved to a local quarantine folder on the computer
§ Removed – the threat was successfully removed from the computer
§ Dismissed – the threat was marked as resolved using the “Mark As Resolved” button on this page. The system administrator has already cleaned or handled the threat manually.
· Name – the name of the threat
· Threat ID – the identifier of the threat, assigned by the endpoint protection product
· Date – the date/time the threat was detected
· Severity – the severity of the threat
· Category – the category of the threat
· Detection – the method the endpoint protection product used to detect the threat
· Computer – the computer the threat was detected on
· User – the user who was active when the threat was detected
· Local Paths – any local file system paths which the threat was detected on
You can also filter the list of threats by selecting a value from the “Threat State” drop down list at the top of the screen.
To mark a threat as “manually resolved”, you can select the applicable threats using their checkboxes, and click on “Mark As Resolved”. The threats’ state will be changed to “Dismissed”, and they will show as resolved in all reports in OptiTune.