Taking action on an intrusion prevention detection
If a device detects a file that generates malicious traffic, it appears on the
My Taskstab for 90 days for you to handle.
Endpoint Securitylets you decide whether you want to take action on the traffic. If you don't deny the file,
Endpoint Securitycontinues to block the traffic, but the file remains on the device. Therefore, the task is considered unresolved. However, do not deny the source if you think that it is safe.
Lists the action you can take on the suspicious source of malicious traffic. You must select an option for
Endpoint Securityto take action.
Provides the information on the scope and range of devices that report a malicious source. A source that is detected as suspicious on a lot of devices may indicate a larger issue.
Select at item from the list to get information about it, and whether or not you should deny or ignore the source. For example, if the source is relevant to an internal application that your company uses, you do not want to deny it.
Lists other recent events and the resulting action taken, if any.