Comodo Help
Find the desired product help
Comodo Secure Web Gateway

Comodo Secure Web Gateway

Secure Web Gateway Admin Guide

English

Print Help Download Help
Unknown Threat Statistics
  • Introduction To Comodo Secure Web Gateway
    • Purchase Licenses
    • Login To The Admin Console
  • The Admin Console
  • The Dashboard
    • Customize The Dashboard
  • Configure Comodo Secure Web Gateway
    • Connect Your Network / Devices To Secure Web Gateway
      • Traffic Forwarding Via Direct Proxy Or PAC
      • Traffic Forwarding Via Proxy Chaining
      • Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
      • Traffic Forwarding Via SWG Agent
    • Connect Your Roaming Devices To Comodo Secure Web Gateway
      • View Enrolled Roaming Devices
    • Configure Comodo Secure Web Gateway Messages
    • Configure Domain Name
    • Configure PAC File For Exclusions
    • Configure Data Loss Prevention And View ICAP Service Information
    • Configure Policy Time-Schedules
  • Manage Trusted Networks
  • Manage Policies
    • Security Policy
      • Configure Advanced Threat Protection Settings
      • Configure Containerization Settings
    • Web Content Policy
      • Manage URL Filtering Policies
      • Configure SSL Inspection Settings
      • Manage File Type Control Rules
  • Apply Policies To Networks
  • Administration
    • Configure User Authentication Settings
    • User Management
      • Manage Users
      • Manage User Groups
      • Manage Departments
      • Manage Computers
    • My Profile
  • Reports
    • Custom Reports
    • Scheduled Reports
  • Unknown Threat Statistics
  • About Comodo Security Solutions

Unknown Threat Statistics

 

  • Click 'Containment' in the top-menu to open the 'Unknown Threat Details' area.
  • This area shows details about unknown files discovered on your network.
    • Unknown files are automatically run in a secure environment called the 'Container'. While running in the container, unknown files cannot access operating system resources, the file system, other processes or user data.
    • Simultaneously, unknown files are uploaded to Valkyrie for analysis to establish their trust level.



    Unknow Threat Details - Table of Column Descriptions

    Column Header

    Description

    Time

    Date and time the unknown file was detected.

    File

    Name of the file, including file extension.

    Source Domain

    Website from which the file originated.

    Source IP

    IP address of the domain from which the file originated.

    # of Endpoints

    Number of endpoints on which the file was contained.

    Status

    Shows whether the file was contained, or contained + uploaded to Valkyrie for analysis.


    Valkyrie is Comodo's file analysis system. It runs a barrage of tests on unknown files to discover their behavior and assign them a trust rating.


    The 'Search' button allows you to find specific files by numerous criteria:




    Click a file row to view its details:




    • MIME Type – File type
    • SHA 1 – Hash value of the file
    • Last Execution Time – The date and time the file was last run
    • Target Address – The location network IP address the file was downloaded
    • PCs Affected – The name of the affected computer(s)
    • Actions - Click a link to categorize: 
    • Add File to Blacklist – File is added to Global Blocked File List ('Configuration' > 'Advanced Threat Protection' > 'Global Blocked File List')
    • Add Domain to Blacklist - Domain is added to blacklist in the default profile of ATP on the Advanced Threat Protection Page ('Configuration' > 'Advanced Threat Protection' > 'Domain Blacklist')
    • Add Domain to Whitelist - Domain is added to whitelist in the default profile of ATP on the Advanced Threat Protection Page ('Configuration' > 'Advanced Threat Protection' > 'Domain Whitelist')
    • Move out of Sandbox - The file runs outside the container and will not be contained again.

    Valkyrie
    • You can view the status of unknown files you have submitted to Valkyrie at https://valkyrie.comodo.com/
    • You can login to Valkyrie with your Comodo SWG username and password
    More information about using Valkyrie can be found in the dedicated guide at https://help.comodo.com/topic-397-1-773-9563-Introduction-to-Comodo-Valkyrie.html
    Our Products
    • Free Antivirus
    • Free Internet Security
    • Website Malware Removal
    • Free Anti-Malware
    • Anti-Spam (Free Trial)
    • Windows Antivirus
    • Antivirus for Windows 7
    • Antivirus for Windows 8
    • Antivirus for Windows 10
    • Antivirus for MAC
    • Antivirus for Linux
    • Free Endpoint Security
    • Free ModSecurity
    • Free RMM
    • Free Website Malware Scanner
    • Free Device Manager for Android
    • Free Demo
    • Network Security
    • Endpoint Protection
    • Antivirus for Android
    • Comodo Antivirus
    • Wordpress Security
    Cheap CDN
    • Bootstrap CDN
    • Semantic UI CDN
    • Jquery CDN
    • CDN Plans
    • CDN
    • Free CDN
    Enterprise
    • Patch Management Software
    • Patch Manager
    • Service Desk
    • Website Down
    • Endpoint Protection Solutions
    • Website Security Check
    • Remote Monitoring and Management
    • Website Security
    • Device Manager
    • ITSM
    • CRM
    • MSP
    • Android Device Manager
    • MDR Services
    • EDR Services
    • Ransomware Prevention
    • Managed IT Support Services
    • EDR
    • What is EDR
    Free SSL Certificate
    Support Partners Terms and Conditions Privacy Policy

    © Comodo Group, Inc. 2023. All rights reserved.