Taking action on a suspicious file
If a client detects that a suspicious file is high risk or very high risk, it appears on the
Endpoint > My Taskstab for 90 days for you to handle.
Symantec Endpoint Securitylets you decide whether or not you want to take action the file. If you don't take an action on the file,
Endpoint Securitycontinues to allow the file, and is considered unresolved. Do not add this file to the deny list if you think that the file is safe.
Endpoint Securityallows the files that are tagged as low risk.
Lists the action you can take on the suspicious file. The If you don't take an action on the file,
Endpoint Securitydoes not take an action either.
A file that is detected as suspicious on a lot of devices may indicate a widespread infection. In this case, you should add the file to the deny list.
Select the file to get information about the file and whether or not you should add the file to the deny list or ignore the file. For example, if the file is an internal application that your company uses, you do not want to add the file to the deny list.