This week I had a situation where the console of Endpoint Protection contradicted an email alert I received. One said that there was an "Unsolved Security Risk" but the other said "No Action Required". I recommend that the alerts should be consistent!
I.e. this:
https://drive.google.com/file/d/1Ar5pRSKaU2gLDe_q2vvoJ9TK_tOXfZuz/view?usp=sharing
compared with this:
---------- Forwarded message ----------
From: SEP SBE Alerts [alerts@spn.com] <alerts@spn.com>
Date: 7 August 2018 at 00:55
Subject: High-Risk Incident Detected on CMI-FP01.cmplus.com.au
To: simpleadmin@streetfurniture.com
A high-risk incident was detected on CMI-FP01.cmplus.com.au within the group CMI-FP01 on 8/7/2018 12:27:10 AM.

Incident Details
W97M.Downloader
Threat Name: W97M.Downloader
Threat Type: Virus
File Name: F:\Ex_Staff\Google Accounts\CLD\gmail.barumugam_context.net.au_1531270027_000.zip
Action Required: No Action Required