MA User Guide: Scan For Malware Dialog

Document created by RSA Information Design and Development on Apr 10, 2019

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

In the Scan for Malware dialog, Malware Analysis analysts can upload files to investigate in Malware Analysis.

To access this dialog go to the Malware Analysis view. In the Select a Malware Analysis Service dialog, select a service in the left panel, then click in the right panel.

Workflow

What do you want to do?

User Role	I want to ...	Show me how
Threat Hunter	browse event metadata	NetWitness Investigate User Guide
Threat Hunter	browse raw events	NetWitness Investigate User Guide
Threat Hunter	analyze raw events and metadata	NetWitness Investigate User Guide
Threat Hunter	investigate endpoints (Version 11.1)	NetWitness Endpoint User Guide
Threat Hunter	find suspicious endpoint files (Version 11.1)	NetWitness Endpoint User Guide
Threat Hunter	scan files and events for malware*	Conducting Malware Analysis
Incident Responder	triage an incident in Investigate	NetWitness Respond User Guide

*You can perform this task in the current view.

Quick Look

The figure below illustrates the Scan for Malware dialog, and The following table describes the features available in the dialog.

Feature	Description
	Uploads a file from your computer.
	Deletes a file from the list.
File Name	Displays the names of the files added to the list.
Name	Allows you to name the scan job.
Community	Displays options for Community to bypass or ignore certain types of files: Bypass Executable Bypass Office Bypass PDF
Sandbox	Displays options for Sandbox to bypass or ignore certain types of files: Bypass Executable Bypass Office Bypass PDF
Cancel	Closes the dialog without performing any actions.
Scan	Scans the uploaded files.