Taking action on a suspicious file

If a client detects that a suspicious file is high risk or very high risk, it appears on the
Endpoint > My Tasks
tab for 90 days for you to handle.
Symantec Endpoint Security
lets you decide whether or not you want to take action the file. If you don't take an action on the file,
Endpoint Security
continues to allow the file, and is considered unresolved. Do not add this file to the deny list if you think that the file is safe.
Endpoint Security
allows the files that are tagged as low risk.
Options to handle on a suspicious file
Option
Description
Recommended Actions
Lists the action you can take on the suspicious file. The If you don't take an action on the file,
Endpoint Security
does not take an action either.
Impact
A file that is detected as suspicious on a lot of devices may indicate a widespread infection. In this case, you should add the file to the deny list.
Associated Artifacts
Select the file to get information about the file and whether or not you should add the file to the deny list or ignore the file. For example, if the file is an internal application that your company uses, you do not want to add the file to the deny list.
More information