View and Act on AutoFocus Intelligence Summary Data
Interact with the AutoFocus Intelligence Summary
to display more information about an artifact or extend your artifact
research to AutoFocus. AutoFocus tags reveal if the artifact is
associated with certain types of malware or malicious behavior.
Confirm that the firewall is connected to AutoFocus.
Hover over an artifact to open the drop-down, and click
Intelligence Summary is only available for the following types of
name (only for threats of the subtypes virus and wildfire-virus)
Launch an AutoFocus search for the artifact for which
you opened the AutoFocus Intelligence Summary.
Search AutoFocus for...
at the top of the AutoFocus Intelligence Summary window. The search
results include all samples associated with the artifact. Toggle
tabs and compare the number of samples to determine
the pervasiveness of the artifact in your organization.
Launch an AutoFocus search for other artifacts in the
AutoFocus Intelligence Summary.
Click on the following artifacts to determine their pervasiveness
in your organization:
WildFire verdicts in the Analysis
URLs and IP addresses in the Passive DNS tab
The SHA256 hashes in the Matching Hashes tab
View the number of sessions associated with the artifact
in your organization per month.
Hover over the session bars.
View the number of samples associated with the artifact
by scope and WildFire verdict.
Hover over the samples bars.
View more details about matching AutoFocus. tags.
Hover over a matching tag to view the tag description and
other tag details.
View other samples associated with a matching tag.
Click a matching tag to launch an AutoFocus search for
that tag. The search results include all samples matched to the
Unit 42 tags identify threats and campaigns that pose
a direct security risk. Click on a Unit 42 matching tag to see how
many samples in your network are associated with the threat the
Find more matching tags for an artifact.
Click the ellipsis ( ... ) to launch an AutoFocus search
for the artifact. The Tags column in the search results displays
more matching tags for the artifact, which give you an idea of other
malware, malicious behavior, threat actors, exploits, or campaigns
where the artifact is commonly detected.