This topic introduces the features and functions of the AV tab in the Service Config view for a Malware Analysis service. The AV tab provides a way to identify the anti-virus software vendors whose software is in use on your network. NetWitness Platform can include the results from these vendors in the detailed results view of an event that has been analyzed using Malware Analysis.
What do you want to do?
|Role||I Want to...||Show me how|
|Administrator||Configure General Malware Analysis Settings||Configure General Malware Analysis Settings|
|Administrator||Configure Indicators of Compromise||Configure Indicators of Compromise|
Configure Auditing on Malware Analysis Host
|Administrator||Configure Hash Filter||(Optional) Configure Hash Filter|
Configure Installed Anti virus Vendor*
|Administrator||Configure Malware Analysis Proxy Settings||(Optional) Configure Malware Analysis Proxy Settings|
Register a TreadGRID API Key
|Administrator||Enable Community Analysis||Enable Community Analysis|
*You can perform this task in the current view
This is an example of the AV tab.
|1||Displays the Av Tab.|
|2||Allows you to select the AV vendor that you are using.|
|3||Displays the Secondary AV vendors.|
The AV tab lists anti-virus vendors whose software may be installed in your network. There are two categories for vendors: Primary, which are the most trusted, and Secondary, which are less known. Each vendor name has a checkbox and an icon. Checking a vendor name indicates that you have installed the selected AV software from that vendor in your environment.
This table describes the options in the AV tab.
|Vendor Checkbox||Choose one or more Anti Virus vendors from the supplied list to indicate which products have been installed in the local organization.|
|Apply||Saves changes made in the AV tab.|
|Reset||Resets the AV list to the default state, which has no vendors selected.|